gin-command-injection-taint
exec.Command function in combination with the bash -c command to run the user input as a shell command. To sanitize the user input, you can use a library like shellescape to escape any special characters before constructing the command. For more information, see: Go command injection prevention.
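The pattern described above next to its escaped form, as an added example that is not part of the rule or of gin. It uses only the standard library; quotePOSIX is a hypothetical helper standing in for the quoting a library like shellescape performs, and the input string is a constructed stand-in for a request parameter.

```go
package main

import (
	"fmt"
	"os/exec"
	"strings"
)

// quotePOSIX wraps s in single quotes and rewrites each embedded ' as '"'"',
// so a POSIX shell reads the result as exactly one literal word.
// Hypothetical stand-in for the quoting a library like shellescape performs.
func quotePOSIX(s string) string {
	return "'" + strings.ReplaceAll(s, "'", `'"'"'`) + "'"
}

// unsafeScript is the flagged pattern: user input concatenated into the
// string that is handed to bash -c.
func unsafeScript(input string) string { return "echo " + input }

// safeScript escapes the input first, so shell metacharacters stay data.
func safeScript(input string) string { return "echo " + quotePOSIX(input) }

// runBash executes script with bash -c and returns its combined output.
func runBash(script string) (string, error) {
	out, err := exec.Command("bash", "-c", script).CombinedOutput()
	return string(out), err
}

func main() {
	// Constructed sample input, standing in for a gin query parameter.
	input := "hello; echo INJECTED"
	for _, script := range []string{unsafeScript(input), safeScript(input)} {
		out, err := runBash(script)
		fmt.Printf("script=%q err=%v\noutput=%q\n", script, err, out)
	}
	// Without a shell, the input is one argv element and is never parsed.
	out, err := exec.Command("echo", input).CombinedOutput()
	fmt.Printf("no shell: err=%v output=%q\n", err, out)
}
```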