Escape shell command before processing by Symfony StringInput (#1396)

netz98 · Jan 30, 2024 · 18c8a34 · 18c8a34
1 parent 0317cc7
commit 18c8a34
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/N98/Magento/Command/MagentoCoreProxyCommand.php b/src/N98/Magento/Command/MagentoCoreProxyCommand.php
@@ -56,7 +56,7 @@ protected function execute(InputInterface $input, OutputInterface $output)
     {
         $config = $this->getCommandConfig();
 
-        $magentoCoreCommandInput = new FilteredStringInput($input->__toString());
+        $magentoCoreCommandInput = new FilteredStringInput(escapeshellcmd($input->__toString()));
         $envVariablesForBinMagento = $_ENV;
 
         if ($config['is_env_variables_filtering_enabled'] === true) {