Sayaan Alam · blog.sayaan.in · Nov 22, 2024
From Template to Threat: Exploiting Freemarker SSTI for Remote Code Execution
Hi Readers! I hope you all are doing well. In this post, I want to discuss a specific type of vulnerability I've encountered: Server-Side Template Injection (SSTI) in Freemarker that can lead to Remote Code Execution (RCE). This vulnerability is part...
1.7K reads · bug bounty

satish Mishra · techtonics.hashnode.dev · Apr 8, 2023
Secure Templating with Jinja2: Understanding SSTI and Jinja2 Sandbox Environment
Jinja2 is a popular templating engine used in Python web applications. It provides a powerful and flexible way to generate dynamic HTML, XML, and other output formats. However, as with any templating engine, it is vulnerable to template injection att...
3 likes · 160 reads · Python