writeups.xyz / Abusing url handling in iTerm2 and Hyper for code execution

Submitter : c2a

Date: 21 May 2024

Bounty : undisclosed

Vulnerabilities :

• RCE
• Escape Sequence Injection

Programs :

• ITerm2
• Vercel (Hyper)

Authors :

• Vin01

Link :
https://vin01.github.io/piptagole/escape-sequences/iterm2/hyper/url-handlers/code-execution/2024/05/21/arbitrary-url-schemes-terminal-emulators.html