Potential TWiki security hole
TWiki bug explanation and patch - Shell characters aren't escaped/filtered when checking in file attachments. Simple patch available on the TWiki site, and a good reminder of why you should
always prefer the list form of the Perl
system call over the string form.