alt Hacker NewsThis article only rehashes primary sources that have already been submitted to HN (including the original researcher’s). The story itself is almost a month old now, and this article reveals nothing new.
The researcher who first reported the vuln has their writeup at https://adnanthekhan.com/posts/clinejection/
Previous HN discussions of the orginal source: https://news.ycombinator.com/item?id=47064933
But neither of the previous HN submissions reached the front page. The benefit of this article is that it got to the front page and so raised awareness.
The original vuln report link is helpful, thanks.