5 min read
Command Injection Is Not the Story. Inherited Authority Is.
The BeyondTrust Codex writeup shows a real command injection bug. But the deeper lesson is not about escaping shell arguments -- it is about why one injection was enough to steal a token and exfiltrate it.