by barosl 1644 days ago
This vulnerability seems much harder to exploit. I've just checked the services I'm in charge of and while there are a few uses of `${ctx:...}` in those codebases, the corresponding context values are all injected internally and not able to be manipulated by the user.
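An added example, not part of the comment above: one way to run the same kind of audit, listing every `${ctx:...}` key a logging configuration references and the expressions that populate it. It assumes the values are set through Log4j 2's `ThreadContext.put` on a single source line; the sample config, the Java snippet and the request-data hint patterns are constructed for illustration.

```python
import re

# Matches ${ctx:key} and the escaped $${ctx:key}, with or without a :-default.
CTX_LOOKUP = re.compile(r"\$\{ctx:([^}:]+)")
# Matches ThreadContext.put("key", <expr>); on a single line of Java source.
CTX_PUT = re.compile(r'ThreadContext\.put\(\s*"([^"]+)"\s*,\s*(.+?)\)\s*;')
# Heuristic only (assumption): expressions that commonly carry request data.
REQUEST_HINT = re.compile(r"\brequest\.|getHeader|getParameter|getCookies")

# Constructed sample inputs, not taken from any real service.
SAMPLE_CONFIG = '''<PatternLayout pattern="%d ${ctx:requestId} $${ctx:tenant:-none} ${ctx:region} %m%n"/>'''
SAMPLE_SOURCES = {
    "RequestFilter.java": '''
ThreadContext.put("requestId", UUID.randomUUID().toString());
ThreadContext.put("tenant", request.getHeader("X-Tenant"));
''',
}


def ctx_keys_in_config(config_text):
    """Return the distinct context keys referenced by ctx lookups."""
    return sorted(set(CTX_LOOKUP.findall(config_text)))


def put_sites(java_sources):
    """Map key -> [(file, line, value_expr, needs_review)] for each put call."""
    sites = {}
    for name, text in java_sources.items():
        for line_no, line in enumerate(text.splitlines(), 1):
            for m in CTX_PUT.finditer(line):
                expr = m.group(2).strip()
                flagged = bool(REQUEST_HINT.search(expr))
                sites.setdefault(m.group(1), []).append((name, line_no, expr, flagged))
    return sites


def audit(config_text, java_sources):
    """For every key the config looks up, list where its value comes from.
    An empty list means no put call was found and the key needs manual tracing."""
    sites = put_sites(java_sources)
    return {key: sites.get(key, []) for key in ctx_keys_in_config(config_text)}


if __name__ == "__main__":
    for key, found in audit(SAMPLE_CONFIG, SAMPLE_SOURCES).items():
        print(key, found or "no ThreadContext.put found, trace manually")
```

A `True` flag only marks an expression for human review; an unflagged expression can still carry user input through an intermediate variable.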