Explain command substitution

intrigus-lgtm · web-flow · commit f978951cbe11 · 2022-08-17T22:30:43.000+02:00
diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-078/WordexpTainted.qhelp b/cpp/ql/src/experimental/Security/CWE/CWE-078/WordexpTainted.qhelp
@@ -4,7 +4,10 @@
 <qhelp>
 <overview>
 <p>The code passes user input to <code>wordexp</code>. This leaves the code
-vulnerable to attack by command injection, because <code>wordexp</code> performs command substitution.</p>
+vulnerable to attack by command injection, because <code>wordexp</code> performs command substitution.
+Command substitution is a feature that replaces <code>$(command)</code> or <code>`command`</code> with the
+output of the given command, allowing the user to run arbitrary code on the system.
+</p>
 
 </overview>
 <recommendation>
