azure_cli is vulnerable to arbitrary code injection. The vulnerability exist in azure_cli only when running on windows, due to incorrect input validations during the submission of values containing &
or |
symbols which allows an attacker to inject and execute malicious code into the system.