For historical reasons, the functionality is implemented by calling out to a shell command with the product and store IDs as arguments: Many instances of OS command injection are blind vulnerabilities ...
Given that it's developed by the same team responsible for the popular modern Wolfenstein games and that it's the first new ...