Improper Control of Generation of Code ('Code Injection')
Sup allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.
Advisories for Gem/Sup package
2013
Improper Control of Generation of Code ('Code Injection')
lib/sup/message_chunks.rb in Sup allows remote attackers to execute arbitrary commands via shell metacharacters in the content_type of an email attachment.