🛠️ SSTI (Server-Side Template Injection)
Some web applications rely on template engines to offer dynamic content. When user input is embedded in templates without proper sanitization, the web app can be vulnerable to SSTI (Server-Side Template Injection). This is a critical vulnerability that can sometimes lead to Sensitive Information Disclosure, Local File Disclosure and even RCE (Remote Code Execution).
Testers need to identify input vectors (parts of the app that accept content from the users) that might be embedded in templates.
The following injection methodology can be used to identify the template engine.
[Figure: injection methodology for identifying the template engine; legend: "Is the content modified?"]
Depending on the template engine in use, testers will be able to fully exploit the SSTI vulnerability.
Many template engines offer a sandboxed mode for intentional template injection (to offer rich functionalities). A server-side template injection can sometimes be a feature and not a vulnerability.
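The root cause described above, shown as an added example that is not part of the original page: a vulnerable render that concatenates user input into the template source, beside a hardened render that passes it only as data, plus a regression check built on the "is the content modified?" question. It assumes Python's standard-library `string.Template` as a stand-in for a full template engine; the context keys, secret value and probe strings are constructed for illustration.

```python
from string import Template

# Constructed server-side context; key names and values are illustrative.
CONTEXT = {"site": "Example Shop", "api_key": "constructed-secret-0000"}


def render_vulnerable(user_input: str) -> str:
    """User input becomes part of the template SOURCE, so the engine
    expands any placeholder syntax it contains."""
    source = "Welcome to $site, " + user_input + "!"
    return Template(source).safe_substitute(CONTEXT)


def render_hardened(user_input: str) -> str:
    """The template source is a constant; user input is passed only as a
    VALUE, and only the variables the template needs are exposed."""
    source = "Welcome to $site, $name!"
    return Template(source).safe_substitute(site=CONTEXT["site"], name=user_input)


def content_modified(render, probe: str) -> bool:
    """True if the probe does not come back verbatim, meaning the engine
    interpreted it instead of treating it as plain data."""
    return probe not in render(probe)


# Constructed inputs: a plain name, the engine's escape sequence, and a
# placeholder naming a context variable.
PROBES = ["alice", "$$", "${api_key}"]


def audit(render) -> dict:
    """Run every probe through a render function and report which ones
    were modified by the template engine."""
    return {probe: content_modified(render, probe) for probe in PROBES}


if __name__ == "__main__":
    for fn in (render_vulnerable, render_hardened):
        print(fn.__name__, audit(fn))
```

A check like `audit` can run in a test suite against every function that renders user-supplied values, failing the build when any probe comes back modified.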