Hacker News new | ask | show | jobs
by jlv2 790 days ago
More like "the danger of thinking you can trivially validate user-supplied input" before evaluating the string.
1 comments
cratermoon 790 days ago
Even non-trivially validating it can go wrong. See Log4Shell, e.g.

The bigger problem here is executing user input.

link