Vulnerability
Description
By manipulating the server-side template engine, an attacker can inject arbitrary code or data into the template. This can lead to remote code execution and unauthorized access.
Recommendation
Use secure template rendering methods that do not evaluate user input as part of the template. Instead, use parameterized queries or bind variables to prevent injection attacks.
Written by
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
