Commit b9ffc89

Add note about untrusted data (#12885)
* Add note about untrusted data
* Copy missed alert
1 parent ea32d33 commit b9ffc89

17 files changed

+203
-63
lines changed

reference/5.1/Microsoft.PowerShell.Core/About/about_Operators.md

Lines changed: 9 additions & 3 deletions
@@ -1,7 +1,7 @@
11
---
22
description: Describes the operators that are supported by PowerShell.
33
Locale: en-US
4-
ms.date: 01/18/2026
4+
ms.date: 03/24/2026
55
online version: https://learn.microsoft.com/powershell/module/microsoft.powershell.core/about/about_operators?view=powershell-5.1&WT.mc_id=ps-gethelp
66
schema: 2.0.0
77
title: about_Operators
@@ -301,7 +301,7 @@ At line:1 char:2
301301
+ FullyQualifiedErrorId : CommandNotFoundException
302302
```
303303

304-
The [Invoke-Expression][26] cmdlet can execute code that causes parsing errors
304+
The [Invoke-Expression][27] cmdlet can execute code that causes parsing errors
305305
when using the call operator.
306306

307307
```powershell
@@ -343,6 +343,11 @@ Hello World!
343343

344344
For more about scriptblocks, see [about_Script_Blocks][21].
345345

346+
> [!IMPORTANT]
347+
> Using this operator with untrusted data is a security risk. Only use trusted
348+
> data with this operator. For more information, see
349+
> [Validate All Inputs][26].
350+
346351
### Cast operator `[ ]`
347352

348353
Converts or limits objects to the specified type. If the objects can't be
@@ -644,4 +649,5 @@ properties and methods of an object, use the Static parameter of the
644649
[22]: about_Split.md
645650
[23]: about_Type_Operators.md
646651
[24]: about_Variables.md
647-
[26]: xref:Microsoft.PowerShell.Utility.Invoke-Expression
652+
[26]: https://top10proactive.owasp.org/archive/2024/the-top-10/c3-validate-input-and-handle-exceptions/
653+
[27]: xref:Microsoft.PowerShell.Utility.Invoke-Expression
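
Review bot: Reusing [26] for the OWASP URL and moving Invoke-Expression to [27] is fragile. The only usage this diff updates is the one at line 304, so any other [26] in the file that falls outside these hunks would now silently point to the OWASP page instead of Invoke-Expression. Either confirm there are no other [26] references in the file, or leave [26] as it was and add the OWASP link as [27].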

reference/5.1/Microsoft.PowerShell.Core/Invoke-Command.md

Lines changed: 11 additions & 1 deletion
@@ -2,7 +2,7 @@
22
external help file: System.Management.Automation.dll-Help.xml
33
Locale: en-US
44
Module Name: Microsoft.PowerShell.Core
5-
ms.date: 01/18/2026
5+
ms.date: 03/24/2026
66
online version: https://learn.microsoft.com/powershell/module/microsoft.powershell.core/invoke-command?view=powershell-5.1&WT.mc_id=ps-gethelp
77
schema: 2.0.0
88
aliases:
@@ -706,6 +706,11 @@ passed by position from the array value supplied to **ArgumentList**. This is kn
706706
splatting. For more information about the behavior of **ArgumentList**, see
707707
[about_Splatting](about/about_Splatting.md#splatting-with-arrays).
708708

709+
> [!IMPORTANT]
710+
> Using this parameter with untrusted data is a security risk. Only use trusted data with this
711+
> parameter. For more information, see
712+
> [Validate All Inputs](https://top10proactive.owasp.org/archive/2024/the-top-10/c3-validate-input-and-handle-exceptions/).
713+
709714
```yaml
710715
Type: System.Object[]
711716
Parameter Sets: (All)
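
Review bot: The link line of the added note carries the full OWASP URL inline and runs well past the width the other lines of the note are wrapped to. about_Operators.md in this same commit uses a reference-style link, "[Validate All Inputs][26]", for the same target; doing the same here would keep the line inside the wrap and leave one place per file to update if the "archive/2024" URL moves.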
@@ -1002,6 +1007,11 @@ the values of parameters in the script.
10021007
When you use this parameter, PowerShell converts the contents of the specified script file to a
10031008
scriptblock, transmits the scriptblock to the remote computer, and runs it on the remote computer.
10041009

1010+
> [!IMPORTANT]
1011+
> Using this parameter with untrusted data is a security risk. Only use trusted data with this
1012+
> parameter. For more information, see
1013+
> [Validate All Inputs](https://top10proactive.owasp.org/archive/2024/the-top-10/c3-validate-input-and-handle-exceptions/).
1014+
10051015
```yaml
10061016
Type: System.String
10071017
Parameter Sets: FilePathRunspace, FilePathComputerName, FilePathUri, FilePathVMId, FilePathVMName, FilePathContainerId
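
Review bot: "Untrusted data" is the wrong noun for FilePath. The context lines directly above the note say PowerShell converts the contents of the script file to a scriptblock and runs it on the remote computer, so what has to be trusted here is the script file itself. Suggest wording along the lines of "Only run script files from trusted sources with this parameter" rather than reusing the ArgumentList text verbatim.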

reference/5.1/Microsoft.PowerShell.Management/Invoke-Item.md

Lines changed: 12 additions & 3 deletions
@@ -2,7 +2,7 @@
22
external help file: Microsoft.PowerShell.Commands.Management.dll-Help.xml
33
Locale: en-US
44
Module Name: Microsoft.PowerShell.Management
5-
ms.date: 12/12/2022
5+
ms.date: 03/11/2026
66
online version: https://learn.microsoft.com/powershell/module/microsoft.powershell.management/invoke-item?view=powershell-5.1&WT.mc_id=ps-gethelp
77
schema: 2.0.0
88
aliases:
@@ -151,6 +151,11 @@ as escape sequences.
151151

152152
For more information, see [about_Quoting_Rules](../Microsoft.Powershell.Core/About/about_Quoting_Rules.md).
153153

154+
> [!IMPORTANT]
155+
> Using this parameter with untrusted data is a security risk. Only use trusted data with this
156+
> parameter. For more information, see
157+
> [Validate All Inputs](https://top10proactive.owasp.org/archive/2024/the-top-10/c3-validate-input-and-handle-exceptions/).
158+
154159
```yaml
155160
Type: System.String[]
156161
Parameter Sets: LiteralPath
@@ -166,7 +171,11 @@ Accept wildcard characters: False
166171
### -Path
167172

168173
Specifies the path to the selected item.
169-
Wildcard characters are permitted.
174+
175+
> [!IMPORTANT]
176+
> Using this parameter with untrusted data is a security risk. Only use trusted data with this
177+
> parameter. For more information, see
178+
> [Validate All Inputs](https://top10proactive.owasp.org/archive/2024/the-top-10/c3-validate-input-and-handle-exceptions/).
170179

171180
```yaml
172181
Type: System.String[]
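
Review bot: The -Path change deletes "Wildcard characters are permitted." and puts the note in its place, so the 5.1 description no longer says that Path accepts wildcards. The 7.4 copy of this file in the same commit keeps the sentence ("Specifies the path to the selected item. Wildcard characters are permitted.") ahead of the note. This looks like an accidental drop; restore the sentence here as well, since wildcard expansion is part of what a caller has to account for when the value is not trusted.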
@@ -236,7 +245,7 @@ Accept wildcard characters: False
236245
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
237246
-InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose,
238247
-WarningAction, and -WarningVariable. For more information, see
239-
[about_CommonParameters](../Microsoft.PowerShell.Core/About/about_CommonParameters.md).
248+
[about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216).
240249

241250
## INPUTS
242251

reference/5.1/Microsoft.PowerShell.Management/Show-EventLog.md

Lines changed: 13 additions & 15 deletions
@@ -24,12 +24,8 @@ Show-EventLog [[-ComputerName] <String>] [<CommonParameters>]
2424
The `Show-EventLog` cmdlet opens Event Viewer on the local computer and displays in it all of the
2525
classic event logs on the local computer or a remote computer.
2626

27-
To open Event Viewer on Windows Vista and later versions of the Windows operating system, the
28-
current user must be a member of the Administrators group on the local computer.
29-
30-
The cmdlets that contain the **EventLog** noun (the **EventLog** cmdlets) work only on classic event
31-
logs. To get events from logs that use the Windows Event Log technology in Windows Vista and later
32-
versions of the Windows operating system, use the `Get-WinEvent` cmdlet.
27+
The cmdlets that contain the **EventLog** noun work only on classic event logs. To get events from
28+
logs that use the Windows Event Log technology, use the `Get-WinEvent` cmdlet.
3329

3430
## EXAMPLES
3531

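
Review bot: The first paragraph removed in this hunk, stating that the current user must be a member of the Administrators group on the local computer to open Event Viewer, is a privilege requirement rather than wording cleanup, and the commit message only mentions adding the untrusted-data note. If the requirement no longer applies, say so in the commit message; if it still does, keep the sentence and drop only the "Windows Vista and later" phrasing.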
@@ -54,12 +50,13 @@ This command opens Event Viewer and displays in it the classic event logs on the
5450
### -ComputerName
5551

5652
Specifies a remote computer. `Show-EventLog` displays the event logs from the specified computer in
57-
Event Viewer on the local computer. The default is the local computer.
58-
59-
Type the NetBIOS name, an IP address, or a fully qualified domain name of a remote computer.
53+
Event Viewer on the local computer. The default is the local computer. When you use this parameter,
54+
the command runs `eventvwr.exe` and passes the value of this parameter.
6055

61-
This parameter does not rely on Windows PowerShell remoting. You can use the **ComputerName**
62-
parameter even if your computer is not configured to run remote commands.
56+
> [!IMPORTANT]
57+
> Using this parameter with untrusted data is a security risk. Only use trusted data with this
58+
> parameter. For more information, see
59+
> [Validate All Inputs](https://top10proactive.owasp.org/archive/2024/the-top-10/c3-validate-input-and-handle-exceptions/).
6360
6461
```yaml
6562
Type: System.String
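
Review bot: The hunk removes "Type the NetBIOS name, an IP address, or a fully qualified domain name of a remote computer." in the same change that adds a note telling readers to validate input. That sentence is the only statement of what a valid ComputerName looks like, which is exactly what a caller needs in order to check the value before it is passed to eventvwr.exe; suggest keeping it next to the new sentence. The statement that the parameter does not rely on Windows PowerShell remoting is also dropped without a replacement.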
@@ -77,26 +74,27 @@ Accept wildcard characters: False
7774
7875
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
7976
-InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose,
80-
-WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216).
77+
-WarningAction, and -WarningVariable. For more information, see
78+
[about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216).
8179
8280
## INPUTS
8381
8482
### None
8583
86-
You cannot pipe input to this cmdlet.
84+
You can't pipe input to this cmdlet.
8785
8886
## OUTPUTS
8987
9088
### None
9189
92-
This cmdlet does not generate any output.
90+
This cmdlet doesn't generate any output.
9391
9492
## NOTES
9593
9694
- The Windows PowerShell command prompt returns as soon as Event Viewer opens. You can work in the
9795
current session while Event Viewer is open.
9896
99-
Because this cmdlet requires a user interface, it does not work on Server Core installations of
97+
Because this cmdlet requires a user interface, it doesn't work on Server Core installations of
10098
Windows Server.
10199
102100
## RELATED LINKS

reference/5.1/Microsoft.PowerShell.Management/Start-Process.md

Lines changed: 11 additions & 1 deletion
@@ -2,7 +2,7 @@
22
external help file: Microsoft.PowerShell.Commands.Management.dll-Help.xml
33
Locale: en-US
44
Module Name: Microsoft.PowerShell.Management
5-
ms.date: 11/01/2023
5+
ms.date: 03/11/2026
66
online version: https://learn.microsoft.com/powershell/module/microsoft.powershell.management/start-process?view=powershell-5.1&WT.mc_id=ps-gethelp
77
schema: 2.0.0
88
aliases:
@@ -203,6 +203,11 @@ program on the computer. This parameter is required.
203203

204204
If you specify only a filename, use the **WorkingDirectory** parameter to specify the path.
205205

206+
> [!IMPORTANT]
207+
> Using this parameter with untrusted data is a security risk. Only use trusted data with this
208+
> parameter. For more information, see
209+
> [Validate All Inputs](https://top10proactive.owasp.org/archive/2024/the-top-10/c3-validate-input-and-handle-exceptions/).
210+
206211
```yaml
207212
Type: System.String
208213
Parameter Sets: (All)
@@ -418,6 +423,11 @@ Specifies the location that the new process should start in. The default is the
418423
executable file or document being started. Wildcards aren't supported. The path must not contain
419424
characters that would be interpreted as wildcards.
420425

426+
> [!IMPORTANT]
427+
> Using this parameter with untrusted data is a security risk. Only use trusted data with this
428+
> parameter. For more information, see
429+
> [Validate All Inputs](https://top10proactive.owasp.org/archive/2024/the-top-10/c3-validate-input-and-handle-exceptions/).
430+
421431
```yaml
422432
Type: System.String
423433
Parameter Sets: (All)

reference/7.4/Microsoft.PowerShell.Core/About/about_Operators.md

Lines changed: 9 additions & 3 deletions
@@ -1,7 +1,7 @@
11
---
22
description: Describes the operators that are supported by PowerShell.
33
Locale: en-US
4-
ms.date: 01/18/2026
4+
ms.date: 03/24/2026
55
online version: https://learn.microsoft.com/powershell/module/microsoft.powershell.core/about/about_operators?view=powershell-7.4&WT.mc_id=ps-gethelp
66
schema: 2.0.0
77
title: about_Operators
@@ -273,7 +273,7 @@ the name, or if a path was included, verify that the path is correct and
273273
try again.
274274
```
275275

276-
The [Invoke-Expression][26] cmdlet can execute code that causes parsing errors
276+
The [Invoke-Expression][27] cmdlet can execute code that causes parsing errors
277277
when using the call operator.
278278

279279
```powershell
@@ -311,6 +311,11 @@ Hello World!
311311

312312
For more about scriptblocks, see [about_Script_Blocks][21].
313313

314+
> [!IMPORTANT]
315+
> Using this operator with untrusted data is a security risk. Only use trusted
316+
> data with this operator. For more information, see
317+
> [Validate All Inputs][26].
318+
314319
### Background operator `&`
315320

316321
Runs the pipeline before it in the background, in a PowerShell job. This
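
Review bot: The added note says "this operator" without naming it, and it sits directly above the "Background operator &" heading, which shares its symbol with the call operator mentioned earlier in the file. A reader who lands on the note from the heading list can easily attach it to the wrong section. Suggest naming the operator in the note itself, for example "Using the call operator with untrusted data is a security risk", and placing the note before the "For more about scriptblocks" pointer so it is not the last thing in the section.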
@@ -897,4 +902,5 @@ ${a}?[0]
897902
[23]: about_Type_Operators.md
898903
[24]: about_Variables.md
899904
[25]: about_Variables.md#variable-names-that-include-special-characters
900-
[26]: xref:Microsoft.PowerShell.Utility.Invoke-Expression
905+
[26]: https://top10proactive.owasp.org/archive/2024/the-top-10/c3-validate-input-and-handle-exceptions/
906+
[27]: xref:Microsoft.PowerShell.Utility.Invoke-Expression

reference/7.4/Microsoft.PowerShell.Core/Invoke-Command.md

Lines changed: 12 additions & 2 deletions
@@ -2,7 +2,7 @@
22
external help file: System.Management.Automation.dll-Help.xml
33
Locale: en-US
44
Module Name: Microsoft.PowerShell.Core
5-
ms.date: 01/18/2026
5+
ms.date: 03/24/2026
66
online version: https://learn.microsoft.com/powershell/module/microsoft.powershell.core/invoke-command?view=powershell-7.4&WT.mc_id=ps-gethelp
77
schema: 2.0.0
88
aliases:
@@ -811,6 +811,11 @@ passed by position from the array value supplied to **ArgumentList**. This is kn
811811
splatting. For more information about the behavior of **ArgumentList**, see
812812
[about_Splatting](about/about_Splatting.md#splatting-with-arrays).
813813

814+
> [!IMPORTANT]
815+
> Using this parameter with untrusted data is a security risk. Only use trusted data with this
816+
> parameter. For more information, see
817+
> [Validate All Inputs](https://top10proactive.owasp.org/archive/2024/the-top-10/c3-validate-input-and-handle-exceptions/).
818+
814819
```yaml
815820
Type: System.Object[]
816821
Parameter Sets: (All)
@@ -1130,6 +1135,11 @@ the values of parameters in the script.
11301135
When you use this parameter, PowerShell converts the contents of the specified script file to a
11311136
scriptblock, transmits the scriptblock to the remote computer, and runs it on the remote computer.
11321137

1138+
> [!IMPORTANT]
1139+
> Using this parameter with untrusted data is a security risk. Only use trusted data with this
1140+
> parameter. For more information, see
1141+
> [Validate All Inputs](https://top10proactive.owasp.org/archive/2024/the-top-10/c3-validate-input-and-handle-exceptions/).
1142+
11331143
```yaml
11341144
Type: System.String
11351145
Parameter Sets: FilePathRunspace, FilePathComputerName, FilePathUri, FilePathVMId, FilePathVMName, FilePathContainerId, FilePathSSHHost, FilePathSSHHostHash
@@ -1403,7 +1413,7 @@ remote computer.
14031413

14041414
> [!NOTE]
14051415
> Parameters for the scriptblock can only be passed in from **ArgumentList** by position. Switch
1406-
> parameters cannot be passed by position. If you need a parameter that behaves like a
1416+
> parameters can't be passed by position. If you need a parameter that behaves like a
14071417
> **SwitchParameter** type, use a **Boolean** type instead.
14081418

14091419
```yaml

reference/7.4/Microsoft.PowerShell.Management/Invoke-Item.md

Lines changed: 16 additions & 6 deletions
@@ -2,7 +2,7 @@
22
external help file: Microsoft.PowerShell.Commands.Management.dll-Help.xml
33
Locale: en-US
44
Module Name: Microsoft.PowerShell.Management
5-
ms.date: 12/12/2022
5+
ms.date: 03/11/2026
66
online version: https://learn.microsoft.com/powershell/module/microsoft.powershell.management/invoke-item?view=powershell-7.4&WT.mc_id=ps-gethelp
77
schema: 2.0.0
88
aliases:
@@ -144,12 +144,18 @@ Accept wildcard characters: True
144144

145145
### -LiteralPath
146146

147-
Specifies a path to one or more locations. The value of **LiteralPath** is used exactly as it is
147+
Specifies a path to one or more locations. The value of **LiteralPath** is used exactly as it's
148148
typed. No characters are interpreted as wildcards. If the path includes escape characters, enclose
149149
it in single quotation marks. Single quotation marks tell PowerShell not to interpret any characters
150150
as escape sequences.
151151

152-
For more information, see [about_Quoting_Rules](../Microsoft.Powershell.Core/About/about_Quoting_Rules.md).
152+
For more information, see
153+
[about_Quoting_Rules](../Microsoft.Powershell.Core/About/about_Quoting_Rules.md).
154+
155+
> [!IMPORTANT]
156+
> Using this parameter with untrusted data is a security risk. Only use trusted data with this
157+
> parameter. For more information, see
158+
> [Validate All Inputs](https://top10proactive.owasp.org/archive/2024/the-top-10/c3-validate-input-and-handle-exceptions/).
153159

154160
```yaml
155161
Type: System.String[]
@@ -165,8 +171,12 @@ Accept wildcard characters: False
165171

166172
### -Path
167173

168-
Specifies the path to the selected item.
169-
Wildcard characters are permitted.
174+
Specifies the path to the selected item. Wildcard characters are permitted.
175+
176+
> [!IMPORTANT]
177+
> Using this parameter with untrusted data is a security risk. Only use trusted data with this
178+
> parameter. For more information, see
179+
> [Validate All Inputs](https://top10proactive.owasp.org/archive/2024/the-top-10/c3-validate-input-and-handle-exceptions/).
170180

171181
```yaml
172182
Type: System.String[]
@@ -218,7 +228,7 @@ Accept wildcard characters: False
218228
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
219229
-InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose,
220230
-WarningAction, and -WarningVariable. For more information, see
221-
[about_CommonParameters](../Microsoft.PowerShell.Core/About/about_CommonParameters.md).
231+
[about_CommonParameters](https://go.microsoft.com/fwlink/?LinkID=113216).
222232

223233
## INPUTS
224234

reference/7.4/Microsoft.PowerShell.Management/Start-Process.md

Lines changed: 13 additions & 3 deletions
@@ -2,7 +2,7 @@
22
external help file: Microsoft.PowerShell.Commands.Management.dll-Help.xml
33
Locale: en-US
44
Module Name: Microsoft.PowerShell.Management
5-
ms.date: 11/01/2023
5+
ms.date: 03/11/2026
66
online version: https://learn.microsoft.com/powershell/module/microsoft.powershell.management/start-process?view=powershell-7.4&WT.mc_id=ps-gethelp
77
schema: 2.0.0
88
aliases:
@@ -274,9 +274,14 @@ Specifies the optional path and filename of the program that runs in the process
274274
an executable file or of a document, such as a `.txt` or `.doc` file, that's associated with a
275275
program on the computer. This parameter is required.
276276

277-
If you specify only a filename that does not correspond to a system command, use the
277+
If you specify only a filename that doesn't correspond to a system command, use the
278278
**WorkingDirectory** parameter to specify the path.
279279

280+
> [!IMPORTANT]
281+
> Using this parameter with untrusted data is a security risk. Only use trusted data with this
282+
> parameter. For more information, see
283+
> [Validate All Inputs](https://top10proactive.owasp.org/archive/2024/the-top-10/c3-validate-input-and-handle-exceptions/).
284+
280285
```yaml
281286
Type: System.String
282287
Parameter Sets: (All)
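
Review bot: The note added after the WorkingDirectory sentence states that there is a risk but gives the reader nothing to act on, even though the context lines above it supply the reason: FilePath can name an executable or a document that is opened by its associated program, and a bare filename is located with the help of WorkingDirectory. Suggest one more sentence recommending a fully qualified path to a known program, so the guidance is more concrete than "only use trusted data".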
@@ -502,12 +507,17 @@ Accept wildcard characters: False
502507
Specifies the location that the new process should start in.
503508

504509
When not specified, the cmdlet defaults to the fully-qualified location specified in the
505-
**FilePath** parameter. If the value of the **FilePath** parameter is not fully-qualified, it
510+
**FilePath** parameter. If the value of the **FilePath** parameter isn't fully-qualified, it
506511
defaults to the current working directory of the calling process.
507512

508513
Wildcards aren't supported. The path must not contain characters that would be interpreted as
509514
wildcards.
510515

516+
> [!IMPORTANT]
517+
> Using this parameter with untrusted data is a security risk. Only use trusted data with this
518+
> parameter. For more information, see
519+
> [Validate All Inputs](https://top10proactive.owasp.org/archive/2024/the-top-10/c3-validate-input-and-handle-exceptions/).
520+
511521
```yaml
512522
Type: System.String
513523
Parameter Sets: (All)
