Tag feed

#template-injection

2 posts0 followers

From Template to Threat: Exploiting Freemarker SSTI for Remote Code Execution

Nov 22, 2024 · 5 min read · Hi Readers! I hope you all are doing well, In this post, I want to discuss a specific type of vulnerability I've encountered: Server-Side Template Injection (SSTI) in Freemarker that can lead to Remote Code Execution (RCE). This vulnerability is part...

Join discussion

SMsatish Mishratechtonics.hashnode.dev

0

Secure Templating with Jinja2: Understanding SSTI and Jinja2 Sandbox Environment

Apr 8, 2023 · 3 min read · Jinja2 is a popular templating engine used in Python web applications. It provides a powerful and flexible way to generate dynamic HTML, XML, and other output formats. However, as with any templating engine, it is vulnerable to template injection att...

Join discussion

#template-injection

Search Hashnode

#template-injection

From Template to Threat: Exploiting Freemarker SSTI for Remote Code Execution

Secure Templating with Jinja2: Understanding SSTI and Jinja2 Sandbox Environment