Arbitrary Code Execution in Godot serialization
Many Godot functions allow for arbitrary code execution when a file is loaded. To avoid this vulnerability, you can use get_var
and store_var
from FileAccess
.
Many Godot functions allow for arbitrary code execution when a file is loaded. To avoid this vulnerability, you can use get_var
and store_var
from FileAccess
.