Template injection

What is it?

Template Injection attacks occur when an attacker can inject malicious input into template expressions, causing the application to execute unintended instructions. These attacks exploit weaknesses in the way applications interpret template expressions, often leading to remote code execution or data exposure.

Template engines are used in various programming languages and frameworks to dynamically generate HTML, XML, or other output formats. While they often have sandboxing features to limit the effects of template injection, these can sometimes be bypassed.

There are many types of Template Injection, which can occur in different template engines, including:

  • Server-side Template Injection (SSTI)

  • AngularJS Template Injection

  • Jinja2 Template Injection

  • Twig Template Injection

  • Freemarker Template Injection

  • Django Template Injection

Detection

${3*3}
${3*'3'}
${{3*3}}
#{3*3}
*{3*3}
{{3*3}}
<%= 3*3 %>

Last updated