OWASP/NodeGoat

Unobvious NoSQL injection example

oleksiireshetnik opened this issue · 1 comments

At the moment, the only difference between the normal view of allocations and the exploited view is the different numbers of stocks, funds and bonds in one result row. I think it would be more obvious if the payload `1'; return 1 == '1` caused something like this:
[Screenshot: screenshot_20170718_162636]
I can create a PR if you find this useful.

@getupandgo Thanks for the idea. Yes, please create a PR.
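
The effect of the payload quoted in the issue, as an added example that is not part of the thread or of NodeGoat's own code: it assumes a filter built by concatenating the threshold into a `$where`-style JavaScript string, models its evaluation locally with `new Function` over constructed rows, and sets an integer-validated structured filter beside it. The names `evalWhere`, `findVulnerable`, `findHardened` and the sample rows are hypothetical.

```javascript
// Constructed sample data: allocations for three users (not NodeGoat's seed data).
const allocations = [
  { userId: 1, stocks: 10, funds: 20, bonds: 70 },
  { userId: 2, stocks: 40, funds: 40, bonds: 20 },
  { userId: 3, stocks: 5, funds: 5, bonds: 90 },
];

// Local stand-in for a server-side $where (assumed model): a string containing
// "return" runs as a function body, anything else as a single expression.
function evalWhere(doc, js) {
  const body = /\breturn\b/.test(js) ? js : `return (${js});`;
  return Boolean(new Function(body).call(doc));
}

// Vulnerable shape (assumed): user input is concatenated into the JavaScript filter.
function findVulnerable(userId, threshold) {
  const where = `this.userId == ${userId} && this.stocks > '${threshold}'`;
  return allocations.filter((doc) => evalWhere(doc, where));
}

// Hardened shape: accept only an integer 0..99 and compare it as data, not code.
function findHardened(userId, threshold) {
  if (!/^\d{1,2}$/.test(String(threshold))) {
    throw new TypeError("threshold must be an integer between 0 and 99");
  }
  const min = Number(threshold);
  // Equivalent structured filter: { userId: userId, stocks: { $gt: min } }
  return allocations.filter((doc) => doc.userId === userId && doc.stocks > min);
}

const payload = "1'; return 1 == '1"; // payload quoted in the issue

console.log("normal   :", findVulnerable(2, "30").length, "row(s)");
console.log("injected :", findVulnerable(2, payload).length, "row(s)");
try {
  findHardened(2, payload);
} catch (err) {
  console.log("hardened :", err.message);
}
```

In this model the injected string closes the quoted threshold and ends the filter with a `return` that is true for every document, so the user-scoped condition no longer limits the result.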