As stated in the advisory: > It may also be triggered indirectly via Git’s export-subst mechanism, which applies the formatting modifiers to selected files when using git archive. This very practical to exploit on Git…
Rails will do the following: User.find_by_reset_password_token(0) User Load (0.8ms) SELECT `users`.* FROM `users` WHERE `users`.`reset_password_token` = 0 LIMIT 1 => #<User id: 1,[...] hope that illustrates it
This very much is true. I'll put some details up soon.
As stated in the advisory: > It may also be triggered indirectly via Git’s export-subst mechanism, which applies the formatting modifiers to selected files when using git archive. This very practical to exploit on Git…
Rails will do the following: User.find_by_reset_password_token(0) User Load (0.8ms) SELECT `users`.* FROM `users` WHERE `users`.`reset_password_token` = 0 LIMIT 1 => #<User id: 1,[...] hope that illustrates it
This very much is true. I'll put some details up soon.