vibhuti019
commented
1 year ago Hi I would like to know more about the issue and work on same.
Open DeliciousBounty opened 1 year ago
vibhuti019
commented
1 year ago Hi I would like to know more about the issue and work on same.
DeliciousBounty
commented
1 year ago Hello @vibhuti019 ! Thank you for getting involved. In this check, we want to check if the API is vulnerable to Template Injection. Our checks are based on the OpenAPI specification of the tested API. If you have more questions, feel free to send me an email, or join us on Discord. :) Discord: https://discord.gg/rxW4Mk4N email: nathan.s@blstsecurity.com
DeliciousBounty
commented
1 year ago Hi I would like to know more about the issue and work on same.
Hey @vibhuti019, do you have some updates?
Server-side template injection is a type of code injection that allows an attacker to execute malicious code on a web server by injecting template directives. By manipulating these directives, an attacker can gain access to sensitive data, execute arbitrary code, or even take control of the server.
Contributors are needed to help identify vulnerabilities that can be exploited using server-side template injection on a API. More info: https://book.hacktricks.xyz/pentesting-web/ssti-server-side-template-injection