ansible is vulnerable to arbitrary code execution and information leakage. It does not properly template the input action arguments Module_args
, allowing a malicious user to control the variable data and supply their own options to an action. A malicious user controlling variables passed to the copy or template actions can trigger arbitrary code execution and information leakage.