appsec.fyi

Server-Side Template Injection (SSTI) Resources


A curated AppSec resource library covering XSS, SQLi, SSRF, IDOR, RCE, XXE, OSINT, and more.

Server-Side Template Injection (SSTI)

Server-Side Template Injection (SSTI) occurs when user input is concatenated directly into a server-side template instead of being passed in as a parameter. Because templating engines are designed to evaluate expressions and call methods, an attacker who controls part of the template can frequently escalate from a reflected math expression like {{7*7}} all the way to remote code execution in the language the engine runs on.

The vulnerability class was first formalized by James Kettle's PortSwigger research, which demonstrated generic exploits and sandbox escapes across the most popular template engines. Since then, real-world SSTI has been found in Jinja2 (Python/Flask), Twig (PHP), Freemarker and Velocity (Java), Smarty and Mako, and even nominally sandboxed environments — sandbox escapes for Jinja2 are republished almost every year, and Apache Camel, OpenMetadata, and Alfresco have all shipped critical SSTI CVEs in production frameworks.

SSTI is easy to confuse with XSS at first glance because both involve injection into rendered output, but the impact is fundamentally different. XSS executes in the victim's browser; SSTI executes on the server, often as the application user, and leads directly to file read, environment access, and full RCE. Detection starts with simple expression probes ({{7*7}}, ${7*7}, *{7*7}), then engine fingerprinting through error messages, then engine-specific gadget chains.

This page collects PortSwigger's foundational research, Web Security Academy labs, HackTricks and PayloadsAllTheThings references, the standard tooling (tplmap, SSTImap), and engine-specific exploitation guides and CVE writeups for Jinja2, Twig, Freemarker, and beyond.

From PortSwigger Research

Date Added | Link | Excerpt
2026-04-22 | [2026, intermediate] SSTI in Bug Bounty: Playing with Handlebars and Breaking Stuff |
2026-04-22 | [2026, beginner] SSTI: Explanation, Discovery, Exploitation, and Prevention | Library detailing Server-Side Template Injection (SSTI) vulnerabilities, covering explanation, discovery techniques, exploitation examples like arbitrary code execution and file system manipulation using payloads targeting systems using Jinja2 and ERB, and prevention strategies focusing on avoiding user input in templates. The resource references the PageUp data breach as an SSTI-related incident and includes practical demonstrations using PortSwigger's SSTI lab.
2026-04-22 | [2026, intermediate] SSTI: Breaking Out of Templates | Library for detecting and exploiting Server-Side Template Injection (SSTI) vulnerabilities, covering engines like Jinja2, Twig, Freemarker, and ERB. It details how template engines work, identifies vulnerabilities through error messages and syntax variations, and provides engine-specific payloads for Remote Code Execution (RCE), including sandbox escape techniques and filter bypasses. The library also references tools such as tplmap and SSTImap for automated detection and exploitation.
2026-04-22 | [2026, news] Metasploit Module: Tactical RMM Jinja2 SSTI RCE (CVE-2025-69516) | Module for Metasploit Framework enabling remote code execution via a Server-Side Template Injection (SSTI) vulnerability in Tactical RMM's Jinja2 templating, identified as CVE-2025-69516. This module facilitates exploitation of the vulnerability to gain control over affected systems.
2026-04-22 | [2026, intermediate] Grav CMS Twig SSTI Authenticated Sandbox Bypass RCE | Module for exploiting CVE-2025-66294, a Grav CMS Twig SSTI vulnerability that bypasses sandbox restrictions for remote code execution. This exploit utilizes weak regex in `cleanDangerousTwig` to handle nested Twig calls and leverages CVE-2025-66301, a broken access control flaw, allowing authenticated users to modify YAML frontmatter for payload injection. → rapid7.com
2026-04-22 | [2026, news] CVE-2026-33154: Dynaconf RCE via Insecure Jinja Template Evaluation | → advisories.gitlab.com
2026-04-22 | [2026, intermediate] Grav CMS: Security Sandbox Bypass with SSTI | Library for detecting a Server-Side Template Injection (SSTI) vulnerability in Grav CMS, identified as GHSA-gjc5-8cfh-653x. This vulnerability allows authenticated editors to bypass the security sandbox by adding dangerous PHP functions like `system()` and `exec()` to the `system.twig.safe_filters` configuration, enabling arbitrary code execution on the server.
2026-04-22 | [2026, intermediate] Grav CMS: RCE via SSTI through Twig Sandbox Bypass | Writeup detailing GHSA-662m-56v4-3r8f, a Server-Side Template Injection vulnerability in Grav CMS. This flaw, rooted in weak regex validation within the `cleanDangerousTwig` method, allows authenticated editors to execute arbitrary commands via a chained Broken Access Control exploit. In specific scenarios, unauthenticated attackers can also leverage this for system takeover by targeting existing forms that process user input through `evaluate_twig`.
2026-04-22 | [2026, news] CVE-2026-27641: Flask-Reuploaded Path Traversal Enabling SSTI RCE | Library for securing Flask applications, addressing CVE-2026-27641, a path traversal and extension bypass vulnerability in Flask-Reuploaded. This flaw enables Server-Side Template Injection (SSTI) for arbitrary file writes and remote code execution. Patched in version 1.5.0; workarounds include avoiding user input for the `name` parameter, using auto-generated filenames, or implementing strict input validation with `secure_filename` and `os.path.basename`. The fix is detailed in pull request jugmac00/flask-reuploaded#180.
2026-04-22 | [2026, advanced] A Survey of the Overlooked Dangers of Template Engines (arXiv 2024) | Survey of template engines, focusing on Remote Code Execution (RCE) via Server-Side Template Injection (SSTI). This paper analyzes 34 template engines across eight languages, categorizing RCE paths and mitigation strategies. It highlights common vulnerabilities, information disclosure, unauthorized access, and DoS, emphasizing RCE as a critical threat often overlooked in current research. The work also examines real-world SSTI instances and CVEs from platforms like HackerOne. → arxiv.org
2026-04-19 | [2026, intermediate] Inj3ctlab — SSTI Bug Bounty Labs Writeup | Writeup detailing the process of solving the Inj3ctlab laboratory for practicing Server-Side Template Injection (SSTI). It covers detecting SSTI in three distinct technologies (PHP, Node.js, and Python), identifying template engines like Jinja2 and EJS, and escalating injections to achieve RCE through techniques such as arithmetic evaluation and exploiting template engine functionalities. The writeup includes enumeration steps using Nmap and provides insights into the vulnerability context, exploitation phases, security impact, and mitigation recommendations.
2026-04-19 | [2026, beginner] Server-Side Template Injection — Bug Bounty 2k25 |
2026-04-19 | [2026, beginner] What is SSTI in Flask/Jinja2? — Payatu | Walkthrough of Server-Side Template Injection (SSTI) in Flask applications using Jinja2. This guide demonstrates how user-controlled data, when rendered directly by Jinja2's `render_template_string`, can lead to vulnerabilities. It details techniques for discovering SSTI via arithmetic expressions, exploiting it to dump application configuration, and navigating Python's object inheritance tree using `__mro__` and `__subclasses__` to read server files and achieve remote code execution.
2026-04-19 | [2026, beginner, RCE] PayloadsAllTheThings — SSTI README | Library detailing Server-Side Template Injection (SSTI) techniques, including detection and exploitation methods. It covers rendered, error-based, and boolean-based SSTI, as well as polyglot payloads like `${{<%['"}}%\.` and tools such as Hackmanit/TInjA and epinna/tplmap. The resource also references research on template engine identification and exploitation, like James Kettle's work and Maximilian Hildebrand's polyglot research.
2026-04-19 | [2026, beginner] Find and Exploit Server-Side Template Injection — TCM Security | Library for detecting and exploiting Server-Side Template Injection (SSTI) vulnerabilities. It covers basic evaluations, retrieving application classes, reading files, and executing system commands through template syntax variations, referencing the PayloadsAllTheThings repository for additional payloads. Detection involves identifying input points, fuzzing with template syntax, testing built-in functions, monitoring error messages, and observing delayed responses, as seen in cases like rider.uber.com.
2026-04-17 | [2026, intermediate] Active Exploitation of Confluence CVE-2022-26134 (Rapid7) | Writeup of CVE-2022-26134 detailing an unauthenticated OGNL injection vulnerability in Confluence Server and Data Center, allowing remote code execution. The vulnerability is actively exploited in the wild, with proof-of-concept exploits targeting HTTP requests to inject OGNL payloads. Successful exploitation allows attackers to execute commands and exfiltrate output via HTTP response headers, similar to the previous CVE-2021-26084. Rapid7's analysis highlights the OGNL injection mechanism and provides examples of exploitation, emphasizing the risk to internet-facing instances. → rapid7.com
2026-04-17 | [2026, intermediate] Atlassian Confluence Widget Connector Macro SSTI (ExploitDB) | Tool for exploiting CVE-2019-3396 in Atlassian Confluence's Widget Connector macro. This script enables path traversal for file disclosure and directory listing, as well as Remote Code Execution (RCE) by uploading a crafted Velocity template. The RCE functionality requires an authenticated session to upload the template to a user's personal space, while path traversal can be exploited without authentication to browse server file systems. → exploit-db.com
2026-04-17 | [2026, intermediate] SSTItoXSS: Exploiting SSTI to bypass WAF/XSS Filter |
2026-04-17 | [2026, beginner] SSTI (The Hacker Recipes) | Library detailing Server-Side Template Injection (SSTI) vulnerabilities, covering identification of input vectors and exploit techniques for engines like Jinja2 and Twig. It demonstrates payloads for RCE, including those utilizing `os.popen` and context-independent methods. The library also addresses WAF bypasses via bracket notation and hexadecimal encoding, and provides guidance for developers on secure templating practices, contrasting vulnerable code with fixed alternatives.
2026-04-17 | [2026, intermediate] Exploiting CVE-2021-25770: SSTI in YouTrack (Synacktiv) | Writeup detailing CVE-2021-25770, a critical Server-Side Template Injection in JetBrains YouTrack versions prior to 2020.5.3123. This analysis focuses on leveraging Freemarker's `DEFAULT_WRAPPER` field and a sandbox bypass technique presented at Black Hat USA 2020 to achieve remote code execution, bypassing the ALLOWS_NOTHING_RESOLVER configuration.
2026-04-17 | [2026, intermediate] SSTI in Freemarker (Akto) | Library for detecting Server-Side Template Injection (SSTI) in FreeMarker. It identifies vulnerable request payloads and query parameters using regular expressions, then injects test expressions like "${89*91}" into "payloadKey" and "queryKey" parameters. Successful exploitation is validated by checking for the string "8099" in the response.
2026-04-17 | [2026, intermediate] Ruby ERB Template Injection (TrustedSec) | Walkthrough of Ruby ERB template injection detailing techniques to identify template engines, enumerate accessible classes/methods, and exploit them for actions like reading files or command execution. The analysis demonstrates how to use introspection with methods like `.methods` and `.name` to discover program internals, revealing exploitable parameters and objects. It specifically shows how to exploit a Ruby/ERB template engine, even with a safe level setting, to access sensitive data such as the server's private key via the `@ssl_context` instance variable within WEBrick.
2026-04-17 | [2026, intermediate] PayloadsAllTheThings: SSTI Ruby payloads | Cheatsheet detailing Server-Side Template Injection (SSTI) payloads for Ruby applications. It covers common templating engines like ERB and Slim, demonstrating techniques for remote code execution (RCE) through generic injection payloads. Examples include using `%x('id')` for RCE, `File.read("Y:/A:/"+%x('id'))` for error-based RCE, `1/(system("id")&&1||0)` for boolean-based RCE, and `system("id && sleep 5")` for time-based RCE. It also shows how to execute commands with `IO.popen` and `Open3`/`Open4`.
2026-04-17 | [2026, intermediate] Code Execution via SSTI Ruby ERB (Invicti) | Library for detecting Server-Side Template Injection (SSTI) in Ruby ERB. This vulnerability can allow an attacker to execute arbitrary code or system commands when template engine tags are used improperly instead of string literals. The library focuses on the risk of code execution when user-supplied data is directly included in templates. Developers should pass user-controlled parameters as template parameters rather than concatenating them directly into the template. → invicti.com
2026-04-17 | [2026, beginner] ruby-ssti: example Ruby ERB app vulnerable to SSTI | Library demonstrating Server-Side Template Injection (SSTI) in Ruby ERB applications. This resource allows users to detect and exploit vulnerabilities where user input, not properly validated, is embedded into ERB templates, potentially leading to arbitrary code execution. It showcases how an attacker can inject malicious Ruby code to read sensitive files like `/etc/passwd` by manipulating the `name` parameter in a Sinatra application. The library also highlights the importance of sanitizing user input and understanding ERB's safe level settings to prevent such attacks.
2026-04-17 | [2026, beginner] Setting Up a Vulnerable SSTI Lab: A Hands-On Guide |
2026-04-17 | [2026, intermediate] SSTI in Flask/Jinja2 (IndominusByte) |
2026-04-17 | [2026, intermediate] tplmap-python3: Python3 port (GitHub) | Tool for exploiting Server-Side Template Injection (SSTI) and code injection vulnerabilities. It assists penetration testers by identifying and exploiting SSTI flaws across various template engines, including Jinja2, and supports sandbox escape techniques to gain OS access, execute commands, and perform file operations. The project leverages research from James Kettle and others, and can handle blind injection scenarios and eval()-like code injections in Python, Ruby, PHP, and Java.
2026-04-17 | [2026, intermediate] Tplmap - Tool For Automatic SSTI Exploitation (GeeksforGeeks) | Tool for automated server-side template injection (SSTI) exploitation. Tplmap checks for and exploits SSTI vulnerabilities across various template engines including PHP, Ruby, Python, Jinja2, and Tornado, enabling OS-shell access. It is a Python-based application available on GitHub with installation and usage instructions provided. → geeksforgeeks.org
2026-04-17 | [2026, intermediate] Lab: SSTI in an unknown language with documented exploit |
2026-04-17 | [2026, intermediate] PayloadsAllTheThings - SSTI JavaScript engines | Reference for Server-Side Template Injection (SSTI) in JavaScript engines, detailing payloads for Handlebars, EJS, PugJS, UnderscoreJS, Eta, and NunjucksJS. It includes methods for Remote Code Execution (RCE) via generic injection, error-based, boolean-based, and time-based techniques. The reference also covers Handlebars versions affected by GHSA-q42p-pg8m-cqh6 and provides examples of payload construction using Lodash.
2026-04-17 | [2026, news] HackerOne Report #423541: H1514 Server Side Template Injection | → hackerone.com
2026-04-17 | [2026, beginner] A Simple Flask (Jinja2) SSTI Example (Kleiber) | Library demonstrating Server-Side Template Injection (SSTI) in Flask and Jinja2. This resource walks through exploiting the templating engine's ability to render dynamic content, focusing on how to navigate Python's object inheritance tree using `__class__`, `__base__`, and `__subclasses__` to achieve remote code execution, similar to techniques seen in the TryHackMe "Temple" room.
2026-04-17 | [2026, news] Strapi Security Disclosure: Multi-CVE SSTI chain | Writeup detailing multiple CVEs affecting Strapi, including CVE-2023-22621 (SSTI to RCE in Users-Permissions Plugin), CVE-2023-22893 (Authentication Bypass for AWS Cognito), and CVE-2023-22894 (Leaking Sensitive User Information by Filtering on Private Fields). The writeup provides vulnerability summaries, affected versions, patching instructions, and indicators of compromise for each.
2026-04-17 | [2026, intermediate] Bug Bytes #124: SSTI to RCE in Go apps (Intigriti) | Article detailing Server-Side Template Injection (SSTI) to Remote Code Execution (RCE) in Go applications, building upon existing XSS research by demonstrating how template injection can lead to file reads or RCE through imported modules. This research addresses a gap in publicly available SSTI techniques for Go.
2026-04-17 | [2026, intermediate] Top 25 RCE Bug Bounty Reports (Cristian Cornea) | → corneacristian.medium.com
2026-04-17 | [2026, beginner] What is Server-Side Template Injection? (Indusface) | Library for understanding and preventing Server-Side Template Injection (SSTI). SSTI occurs when unvalidated user input is processed by template engines like Jinja2, Freemarker, or Twig, potentially leading to Remote Code Execution (RCE), data exfiltration, and server takeover. The library covers identifying vulnerable input points, crafting payloads, and exploitation goals, along with prevention techniques such as input validation, whitelisting, secure template engine usage, and deploying Web Application Firewalls (WAFs) like AppTrana.
2026-04-17 | [2026, intermediate] Mastering SSTI Exploitation: Executing Commands in Popular Templating Engines |
2026-04-17 | [2026, advanced] SSTI: Advanced Exploitation Techniques (BootstrapSecurity) |
2026-04-17 | [2026, intermediate] Jinja2 template injection filter bypasses (0day.work) | Writeup detailing bypasses for Jinja2 template injection filter mechanisms. This resource explores techniques to circumvent blacklists designed to prevent direct access to `__class__` and the use of bracket notation. It demonstrates how to use string multiplication with `|join`, the `|attr()` function, and list concatenation via `|format` to construct payloads that evade filtering, ultimately enabling Remote Code Execution. The writeup highlights the inherent insecurity of blacklist filtering and advocates for whitelisting.
2026-04-17 | [2026, intermediate] Jinja2/Flask SSTI Filter bypass (MRLSECURITY) | Writeup demonstrating Server-Side Template Injection (SSTI) bypass in Jinja2/Flask applications, even with characters like `{{`, `}}`, `.`, `_`, `[`, `]`, `\`, and `x` banned. The technique leverages access to the `request` object and its `attr()` method to construct payloads, such as sending `__base__` via GET parameters to retrieve `dict.__base__`, enabling full SSTI exploitation.
2026-04-17 | [2026, intermediate] SSTI - Server-side template injection with a custom exploit (Scott Murray) | Library for exploiting Server-Side Template Injection (SSTI) vulnerabilities, specifically demonstrating a custom exploit against the PortSwigger Web Security Academy lab. The process involves reconnaissance to identify the templating engine (Twig on PHP), crafting payloads to bypass syntax errors and trigger execution, and leveraging object properties to read arbitrary files like `/etc/passwd` and `/home/carlos/User.php`, ultimately aiming to delete sensitive files such as `/.ssh/id_rsa`.
2026-04-17 | [2026, intermediate] picoCTF 2025: SSTI2 Exploitation Writeup |
2026-04-17 | [2026, intermediate] picoCTF 2025: SSTI Challenge Writeup |
2026-04-16 | [2026, advanced] SSTI: RCE for the Modern Web App - Black Hat 2015 | → blackhat.com
2026-04-16 | [2026, beginner] Server Side Template Injection - Payloads All The Things | Reference list detailing Server Side Template Injection (SSTI) techniques, including Rendered, Error-Based, Boolean-Based, and Time-Based exploitation methods. It highlights tools such as Hackmanit/TInjA, epinna/tplmap, and SSTImap for detection and exploitation, and references research papers on polyglot-based scanning and new code injection techniques, such as those by James Kettle and Maximilian Hildebrand.
2026-04-16 | [2026, intermediate] Practical Exploitation of SSTI in Flask with Jinja2 | Lab application demonstrating Server-Side Template Injection (SSTI) in Flask with Jinja2, allowing safe local exploration of exploitation from discovery to Remote Code Execution (RCE) and Cross-Site Scripting (XSS). It showcases payloads for reading files, executing commands, and achieving RCE via reverse shell, alongside HTML injection examples. The resource also provides prevention strategies including preferring `render_template()` over `render_template_string()`, input validation, leveraging Jinja2's auto-escaping, and using a restricted sandbox environment.
2026-04-16 | [2026, beginner] SSTI Explained with Real Code Examples - Xygeni | Library for detecting and preventing Server-Side Template Injection (SSTI). It details how vulnerabilities in templating engines like Jinja2, Twig, and Velocity allow attackers to inject payloads, ranging from arithmetic expressions ({{7*7}}) to code execution, and highlights risks in CI/CD pipelines, Helm charts, and email templates. The library emphasizes secure coding practices like avoiding direct rendering of user input, using sandboxed templates, and integrating checks into DevSecOps pipelines to catch unsafe template usage and block SSTI vulnerabilities.
2026-04-16 | [2026, advanced] Deep Dive into SSTI: Finding and Exploiting Like a Pro | → infosecwriteups.com
2026-04-11 | [2026, news] CVE-2022-46166: Spring Boot Admin RCE |
2026-04-11 | [2026, news] CVE-2021-43466: Thymeleaf Spring5 RCE | Library for analyzing the SNYK-JAVA-ORGTHYMELEAF-1915389 vulnerability, an RCE in Thymeleaf Spring5. This exploit targets the render function in AjaxThymeleafView.java, allowing attackers to inject malicious input. The entry also references EPSS model data for threat probability and percentile. → security.snyk.io
2026-04-11 | [2026, beginner] Handlebars.js: Safe Usage to Avoid Injection Flaws | Library for secure Handlebars.js usage, detailing vulnerabilities like Cross-Site Scripting (XSS), Prototype Pollution (GHSA-2cf5-4w76-r9qv), and Server-Side Template Injection (SSTI). It highlights risks associated with triple braces `{{{}}}`, unsafe custom helpers, and improper compilation, citing real-world exploits in Asana and npm packages. The resource advocates for double brace usage, input validation, restricting dangerous helpers, and implementing Content Security Policy (CSP), also offering guidance on automating template validation in CI/CD pipelines.
2026-04-11 | [2026, intermediate] HackerOne #164224: SSTI | → hackerone.com
2026-04-11 | [2026, advanced] AST Injection: Prototype Pollution to RCE in Handlebars | Writeup detailing AST injection techniques to achieve Remote Code Execution (RCE) in NodeJS applications utilizing template engines like Handlebars and Pug. The analysis demonstrates how prototype pollution vulnerabilities can be leveraged to insert malicious Abstract Syntax Tree (AST) nodes into the compilation process, bypassing input validation and leading to arbitrary command execution. Examples are provided using the vulnerable `flat` module.
2026-04-11 | [2026, intermediate] Handlebars template injection and RCE in Shopify app | Writeup detailing Handlebars template injection and subsequent Remote Code Execution (RCE) within Shopify's Return Magic application. The author identified an exploitable vulnerability in the Handlebars JavaScript templating engine, allowing for the injection of code. By leveraging Object.prototype.toString and the "with" helper, an attacker could potentially execute arbitrary commands on the server.
2026-04-11 | [2026, intermediate, RCE] A Pentester's Guide to SSTI - Cobalt | Guide to Server-Side Template Injection (SSTI) detailing its nature as a vulnerability where injected input into template engines leads to command execution, often resulting in Remote Code Execution (RCE). It covers popular template engines like Smarty, Twig, Velocity, FreeMarker, Jinja, Mako, Tornado, Jade, Rage, and Liquid. The guide explains detection methods using polyglot payloads, analyzing error messages to identify engines, and exploiting vulnerabilities, mentioning the tool Tplmap for automated exploitation. Remediation strategies include sanitizing user input and employing sandboxing techniques. → cobalt.io
2026-04-11 | [2026, advanced, RCE] SSTI: Advanced Exploitation Guide - Intigriti | Library on advanced Server-Side Template Injection (SSTI) exploitation, detailing identification and weaponization techniques. It covers various template engines including Jinja2, Twig, ERB, EJS, Handlebars, Pug, Thymeleaf, FreeMarker, Pebble, Razor, and Mako. The resource explains how to bypass sandboxed environments by chaining objects and leveraging native template engine features, offering practical examples for escalating basic injections to remote code execution. → intigriti.com
2026-04-11 | [2026, intermediate] Exploiting Jinja SSTI with limited payload size | Technique for exploiting Jinja Server-Side Template Injection (SSTI) with limited payload size by leveraging the globally accessible `config` object. This method involves storing payload fragments in `config` items via short URI parameters and then executing them using `popen` for remote code execution, demonstrated with a Python reverse shell.
2026-04-11 | [2026, intermediate] RCE via SSTI in Fides Jinja Email Templates | Library for detecting and mitigating Server-Side Template Injection (SSTI) vulnerabilities, specifically addressing a Remote Code Execution (RCE) flaw in Fides Jinja email templates. This vulnerability, GHSA-c34r-238x-f7qx, allows privileged users (Owner, Contributor, or OAuth clients with messaging-template:update scope) to inject arbitrary code via email templates. Successful exploitation can lead to RCE on the Fides Webserver container, granting unauthorized access to integrated resources and sensitive data. The issue is patched in Fides version 2.44.0.
2026-04-11 | [2026, news] CVE-2024-29178: Apache StreamPark FreeMarker SSTI | Writeup of CVE-2024-29178, an Apache StreamPark FreeMarker Server-Side Template Injection (SSTI) leading to Remote Code Execution. This moderate-severity vulnerability allows authenticated users to exploit template injection to achieve RCE on versions prior to 2.1.4. Upgrading to Apache StreamPark 2.1.4 mitigates this risk.
2026-04-11 | [2026, intermediate] SpringBootAdmin Thymeleaf SSTI to RCE | Library for exploiting Thymeleaf Sandbox Bypass in Spring Boot Admin (versions <= 3.1.0) and Thymeleaf (versions <= 3.1.1.RELEASE). This vulnerability allows for Remote Code Execution (RCE) via MailNotifier configuration, enabling attackers to set a malicious remote HTML template or read local files. The library includes proof-of-concept exploit code and details the sandbox bypass technique for achieving RCE.
2026-04-11 | [2026, intermediate] Exploiting SSTI in Thymeleaf | Writeup detailing Server-Side Template Injection (SSTI) vulnerabilities in the Thymeleaf template engine for Java. It covers Thymeleaf's expression types, including variable expressions vulnerable to OGNL or Spring EL, and the "expression preprocessing" feature. A real-world example is demonstrated within the PetClinic application, showing how controlling the `path` variable in a specific fragment can lead to arbitrary expression execution and potentially Remote Code Execution (RCE) when running on Jetty. → acunetix.com
2026-04-11 | [2026, intermediate] Exploiting SSTI in a Modern Spring Boot Application | Library for exploiting Server-Side Template Injection (SSTI) in modern Spring Boot applications, specifically targeting bypasses in newer versions. It details how to identify SSTI via Referer header reflection, overcome HTML encoding defenses, and achieve Remote Code Execution (RCE) by leveraging `org.apache.commons.lang3.reflect.MethodUtils` to circumvent Thymeleaf's built-in denylists and achieve arbitrary method execution on `java.lang.Runtime`.
2026-04-11 | [2026, advanced] Method Confusion in Go SSTIs Lead to RCE | Library for Go Server-Side Template Injection (SSTI) research, detailing method confusion vulnerabilities in the `html/template` and `text/template` modules. It demonstrates how to achieve Remote Code Execution (RCE) and file read capabilities by calling exported methods with controlled parameters, offering a new avenue for exploitation beyond simple XSS. Specific examples include leveraging the `Person.Secret` method for command execution and the `echo.Context.File` method for local file reading. → onsecurity.io
2026-04-11 | [2026, intermediate] Exploiting SSTI in Golang Frameworks | Writeup exploring Server-Side Template Injection (SSTI) in Golang frameworks like Gin, Echo, and Fiber. It details how attackers can exploit template engines by traversing objects to achieve remote code execution. Specific techniques and payloads are demonstrated for arbitrary file reading using Echo's `.File` and `.Attachment` gadgets, Cross-Site Scripting via Gin's context, and Denial of Service through Fiber's `.App.Shutdown`.
2026-04-11 | [2026, intermediate] Golang SSTI: Safe by Default or Vulnerable by Design | Library that detects and prevents Golang Server-Side Template Injection (SSTI) vulnerabilities by observing template execution at runtime. It leverages Deep Application Inspection (DAI) to provide application execution context, a template-aware syscall map, and rich context, offering zero-day coverage for "shadow" vulnerabilities. This approach goes beyond traditional defenses like EDRs, CWPPs, and WAFs by identifying malicious behavior at its origin before it propagates, protecting against exploitation of Go's standard `text/template` and `html/template` engines through context-unaware execution, logic helper functions, and error channel leaks.
2026-04-11 | [2026, beginner] SSTI: Transforming Web Apps from Assets to Liabilities | Library for detecting and exploiting Server-Side Template Injection (SSTI) vulnerabilities. It details risks such as arbitrary code execution and data theft, noting real-world impacts on platforms like Atlassian Confluence and CrushFTP. The library covers techniques including fuzzing, blind SSTI detection using `sleep` commands, and `nslookup` for DNS-based validation, applicable to template engines like Jinja2, Freemarker, and Twig.
2026-04-11 | [2026, intermediate] ServiceNow RCE Exploitation Campaign | Writeup detailing a global reconnaissance campaign exploiting ServiceNow vulnerabilities CVE-2024-4879 and CVE-2024-5217. The campaign leveraged chained title injection, template injection bypass, and filesystem filter bypass to achieve unauthenticated remote code execution. Attackers utilized tools like Nuclei and search engines such as FOFA, Shodan, and HUNTER.NOW for reconnaissance and exploitation, aiming to exfiltrate database contents and user credentials from vulnerable instances across various industries, including financial services. → resecurity.com
2026-04-11 | [2026, intermediate] Multiple ServiceNow SSTI Vulnerabilities | Writeup of multiple ServiceNow Server-Side Template Injection (SSTI) vulnerabilities, including CVE-2024-4879 (CVSS 9.3), CVE-2024-5178 (CVSS 6.9), and CVE-2024-5217 (CVSS 9.2), affecting non-hosted instances of the Vancouver, Washington DC, and Utah releases. Exploitation allows arbitrary code execution, leading to potential system compromise and data theft. Proof-of-concept code is available on GitHub, and these are CISA Known Exploited Vulnerabilities. Patches are available, and hosted instances were automatically updated.
2026-04-11 | [2026, news] ServiceNow RCE (CVE-2024-4879) Analysis | Analysis of CVE-2024-4879 detailing a critical Jelly template injection vulnerability in ServiceNow, enabling unauthenticated remote code execution. This flaw allows attackers to inject and execute arbitrary code, posing risks of unauthorized data access, system compromise, and service disruption. Public exploit tools exist, and the vulnerability has been actively used in attacks with low complexity. Affected ServiceNow versions require immediate patching, and robust input validation is advised as mitigation.
2026-04-11 | [2026, intermediate] SSTI in Jinja2 allows RCE (changedetection.io) | Writeup of GHSA-4r7v-whpg-8rx3 in changedetection.io detailing a critical Server Side Template Injection vulnerability within Jinja2 usage, allowing Remote Command Execution. Exploitation involves crafting a malicious notification body payload such as `{{ self.__init__.__globals__.__builtins__.__import__('os').popen('id').read() }}` to execute arbitrary system commands, potentially leading to complete server takeover. The vulnerability affects changedetection.io version 0.45.20 and is exacerbated by the lack of default authentication enforcement.
2026-04-11 | [2026, news] CVE-2025-23211: Jinja2 SSTI Turns Recipes Into RCE | Writeup of CVE-2025-23211 in Tandoor Recipes, detailing how Server-Side Template Injection (SSTI) via the Jinja2 engine allows for Remote Code Execution (RCE). This vulnerability arises from trusting user input directly within templates, enabling attackers to inject commands and potentially compromise the server, steal data, and pivot within a network.
2026-04-11 | [2026, news] CVE-2025-23211: Tandoor Recipes Jinja2 SSTI to RCE | Writeup of CVE-2025-23211, a critical Jinja2 Server-Side Template Injection (SSTI) vulnerability in Tandoor Recipes versions prior to 1.5.24. This flaw allows authenticated users to execute arbitrary system commands on the server by injecting malicious Jinja2 expressions into recipe instructions. In Docker Compose deployments, this can lead to root-level system compromise. Mitigation involves upgrading to version 1.5.24, implementing strict input validation, and adhering to the principle of least privilege.
2026-04-10 2026GoSecure: Template Injection in Action workshop beginnerWorkshop slides from GoSecure presenting a 2-hour deep dive into Template Injection, also known as Server-Side Template Injection (SSTI). This workshop, built on foundations established by James Kettle's 2015 Black Hat talk, features six labs exploring exploitation techniques against five distinct template engines, including Twig and Jinja. Participants will learn to identify vulnerabilities by understanding template syntax, leverage internal APIs like Twig's `_self.env.registerUndefinedFilterCallback` for command execution, and exploit Python's Jinja metaproperties to enumerate classes and potentially achieve code execution. The labs are containerized using Docker for easy deployment, and an HTTP interception proxy is the only prerequisite.
2026-04-10 2026Jinja2 SSTI filter bypasses intermediateJinja2 SSTI filter bypasses
2026-04-10 2026OnSecurity: Server Side Template Injection with Jinja2 beginnerLibrary detailing Server-Side Template Injection (SSTI) vulnerabilities within Jinja2, focusing on Python environments. It explains template rendering and abuses the Method Resolution Order (MRO) to execute arbitrary code, including techniques for bypassing filters that block common characters like periods and underscores. The resource also explores alternative payload delivery mechanisms using Jinja2's `{% %}` syntax for conditional statements, enabling blind SSTI exploitation and data exfiltration via HTTP. → onsecurity.io
2026-04-10 2026Flask & Jinja2 SSTI cheatsheet beginnerCheatsheet detailing Server-Side Template Injection (SSTI) specifically for Flask and Jinja2, covering reconnaissance techniques like probing `{{7*'7'}}`, basic exploitation using `__mro__` and `__subclasses__` to access Python objects, identifying sinks like `flask.render_template_string`, leveraging global variables (`config`, `request`, `session`), and performing arbitrary file reads or remote code execution. It also includes methods for bypassing filters using techniques like `|attr()` and string concatenation, and mentions tools like Tplmap and search.py.
2026-04-10 2026Grav: SSTI via Twig escape handler advisory newsAdvisory on GHSA-2m7x-c7px-hp58 details a Server-Side Template Injection (SSTI) vulnerability in Grav via Twig's `setEscaper` function. Exploitation allows attackers to redefine the escape function and execute arbitrary commands by gaining unrestricted access to Twig extension classes, particularly when Grav's Twig sandbox feature is not enabled. This can lead to arbitrary code execution and privilege escalation.
2026-04-10 2026Exploit-DB: Twig 2.4.4 Server Side Template Injection intermediateWriteup of Twig <2.4.4 Server Side Template Injection, an SSTI vulnerability allowing command execution via template parameters. Attackers can inject code like `{{ls}}` into parameters, bypassing expected values to run arbitrary commands, as demonstrated by injecting `{{4*4}}` to return `16`. → exploit-db.com
2026-04-10 2026OpenMetadata: FreeMarker SSTI in email templates leads to RCE intermediate RCELibrary detailing a critical Remote Code Execution (RCE) vulnerability (GHSA-5f29-2333-h9c7) in OpenMetadata v1.11.2. This vulnerability arises from Server-Side Template Injection (SSTI) in FreeMarker email templates, allowing an administrator to inject malicious FreeMarker code. This code is then executed by the server when specific email notifications are triggered, enabling arbitrary command execution, data exfiltration, and privilege escalation.
2026-04-10 2026CVE-2023-49964: FreeMarker SSTI in Alfresco newsWriteup detailing CVE-2023-49964, a FreeMarker Server-Side Template Injection (SSTI) vulnerability in Hyland Alfresco Community Edition <=7.2.0. Exploitation involves injecting malicious content into `folder.get.html.ftl` to achieve Remote Code Execution (RCE) by leveraging exposed FreeMarker objects. This vulnerability builds upon work related to CVE-2020-12873 and inspired by SSTI research from PortSwigger and Synacktiv.
2026-04-10 2026GitHub Security Lab: SSTI in Apache Camel — CVE-2020-11994 newsWriteup on CVE-2020-11994, detailing Server-Side Template Injection (SSTI) vulnerabilities in Apache Camel's FreeMarker, Velocity, MVEL, and Mustache components. These flaws enable Remote Code Execution (RCE) and Arbitrary File Disclosure by allowing attackers to control template headers or resource URIs, potentially impacting versions 2.x up to 2.22.0 and 3.x up to 3.2.0. → securitylab.github.com
2026-04-10 2026Breaking the Barrier: RCE via SSTI in FreeMarker intermediateBreaking the Barrier: RCE via SSTI in FreeMarker
2026-04-10 2026Synack: Discovering an SSTI vulnerability in FreeMarker intermediateWriteup detailing a Server-Side Template Injection (SSTI) vulnerability in FreeMarker, identified as a path to Remote Code Execution (RCE). The entry highlights how user input can be exploited within template engines when not properly validated, leading to arbitrary code execution. It further details a specific bypass technique using FreeMarker's `?lower_abc` and `?upper_abc` functions to circumvent wordlist-based filters and achieve RCE by encoding malicious payloads.
2026-04-10 2026YesWeHack: Limitations are just an illusion — advanced SSTI exploitation with RCE everywhere advanced RCEWriteup detailing advanced Server-Side Template Injection (SSTI) exploitation techniques, demonstrating Remote Code Execution (RCE) without relying on quotes or external plugins across Jinja2, Mako, Twig, Smarty, Blade, Groovy, FreeMarker, and Razor template engines. It showcases how to leverage built-in functions like `chr`, `popen`, `passthru`, and `implode`, along with engine-specific features like Python's `__init__.__globals__` or Twig's block functionality, to bypass auto-escaping and achieve RCE in diverse application security contexts. → yeswehack.com
2026-04-10 2026vladko312/SSTImap: Automatic SSTI detection tool with interactive interface intermediateTool for automatic Server-Side Template Injection (SSTI) detection and exploitation, inspired by Tplmap. SSTImap supports various template engines including Java, JavaScript, PHP, Python, and Ruby, and can exploit code context escapes and blind injection scenarios. It offers interactive mode for easier exploitation and detection, supports eval()-like code injections, and provides capabilities for OS command execution, file system manipulation, and code evaluation. New techniques and payloads, drawing from research by James Kettle and others, enhance its ability to identify and leverage SSTI vulnerabilities.
2026-04-10 2026epinna/tplmap: SSTI and Code Injection Detection and Exploitation Tool intermediateTool for detecting and exploiting Server-Side Template Injection (SSTI) and code injection vulnerabilities. Tplmap assists in gaining operating system access through sandbox escape techniques, supporting Python, Ruby, PHP, and Java eval()-like injections across over 15 template engines, including Jinja2. It offers capabilities for shell command execution, bind and reverse shells, file upload/download, and code evaluation.
2026-04-10 2026PayloadsAllTheThings SSTI: Java intermediateLibrary cataloging common Java Server-Side Template Injection (SSTI) payloads across various templating engines. This resource details exploit techniques for JSP, Thymeleaf, FreeMarker, Jinjava, Pebble, and Velocity. It includes specific payload examples for command execution, demonstrating how to leverage Expression Languages, built-in functions like `lower_abc` in FreeMarker, and dynamic class loading in engines like Jinjava and Pebble to achieve Remote Code Execution (RCE).
2026-04-10 2026PayloadsAllTheThings: Server Side Template Injection beginnerLibrary providing resources on Server-Side Template Injection (SSTI). It details techniques like Rendered, Error-Based, Boolean-Based, and Time-Based exploitation, and references tools such as Hackmanit/TInjA and epinna/tplmap. The library includes information on identifying template engines like Jinja2, Twig, and FreeMarker, and discusses specific research papers on SSTI detection and exploitation.
2026-04-10 2026HackTricks: Jinja2 SSTI intermediateLibrary detailing Jinja2 Server-Side Template Injection (SSTI) vulnerabilities, including techniques for escaping sandboxes to access regular Python execution flow. It demonstrates methods to recover the `<class 'object'>` from accessible objects like `dict`, `request`, and `config`, enabling the retrieval of subclasses. This allows for operations such as reading and writing remote files using the `File` class, and executing arbitrary commands via `subprocess.Popen`. The library also covers techniques for abusing statement tags like `{% with %}` and `{% if %}` when `{{ ... }}` is blocked. → book.hacktricks.xyz
2026-04-10 2026HackTricks: SSTI (Server Side Template Injection) beginnerHackTricks: SSTI (Server Side Template Injection) → book.hacktricks.xyz
2026-04-10 2026OWASP Testing for Server Side Template Injection beginnerReference for testing Server-Side Template Injection (SSTI) vulnerabilities in web applications, a common flaw found when user input is unsafely embedded in templating engines like Jinja2 and Twig, potentially leading to remote code execution. The guide details methods for detecting injection points, identifying templating engines, and building exploits, referencing tools such as Tplmap and Burp Suite extensions. It also covers testing in both plaintext and code contexts. → owasp.org
2026-04-10 2026Server-side template injection PortSwigger KB intermediateLibrary detailing Server-side template injection, a vulnerability where user input is unsafely embedded into server-side templates, potentially allowing arbitrary code execution and server control. It covers identifying template engine types, mapping the attack surface, and auditing exposed objects, noting severity varies by engine. Remediation strategies include avoiding user-generated templates, using logic-less engines like Mustache, or sandboxing rendering environments. This vulnerability is classified under CWE-94, CWE-95, and CWE-116, often carrying a high severity. → portswigger.net
2026-04-10 2026Exploiting server-side template injection vulnerabilities intermediateReference detailing the exploitation of server-side template injection vulnerabilities, covering techniques for discovering and leveraging template engine syntax and documentation, including examples with Mako, ERB, and Velocity. It emphasizes reading documentation, identifying syntax, exploring environment objects like "self," analyzing developer-supplied objects, and constructing custom exploits through object chaining to achieve outcomes ranging from remote code execution to file path traversal. → portswigger.net
2026-04-10 2026Template Injection Research | PortSwigger Research advancedLibrary covering template injection, detailing both Client Side Template Injection (CSTI) and Server Side Template Injection (SSTI). Learn techniques to bypass Content Security Policy (CSP) and exploit client-side vulnerabilities similar to Cross-Site Scripting (XSS), including breaking the AngularJS sandbox as presented at BSides Manchester. Explore server-side exploitation, detecting templating engines, and achieving Remote Code Execution (RCE), including research presented at Black Hat USA on SSTI. → portswigger.net
2026-04-10 2026Server-Side Template Injection | PortSwigger Research advancedReference for Server-Side Template Injection (SSTI) details a methodology for detecting and exploiting template engines like Twig and FreeMarker, which are commonly used to embed dynamic content. SSTI vulnerabilities arise when user input is unsafely embedded in templates, potentially leading to Remote Code Execution (RCE). The research outlines detection techniques for both "text" and "variable" contexts, emphasizing the importance of identifying the specific template engine and its documentation to craft effective exploits, including escaping sandbox modes. → portswigger.net
2026-04-10 2026Server-side template injection | Web Security Academy beginnerLibrary explaining server-side template injection, a vulnerability where attackers inject malicious payloads into templates to achieve remote code execution or access sensitive data. It details how these vulnerabilities arise when user input is directly concatenated into templates instead of being passed as data, and outlines detection methods like fuzzing with special characters and testing mathematical operations in plaintext or code contexts, applicable to engines like Twig and Freemarker. → portswigger.net

Frequently Asked Questions

What is server-side template injection?
SSTI happens when user input is concatenated into a template that the server then renders, instead of being passed as a parameter. Because templating engines support expressions and method calls, an attacker who controls part of the template can often execute arbitrary code in the language the engine runs on — Python, Java, PHP, JavaScript, and others have all seen real-world SSTI leading to remote code execution.
How do you test for SSTI?
The standard first probe is a math expression like {{7*7}} or ${7*7} — if the response contains 49 instead of the literal string, the input is being evaluated. From there, identify the engine through error messages or syntax fingerprinting and escalate to environment access, file reads, or code execution using engine-specific payloads. PortSwigger's SSTI research provides a complete methodology.
Which template engines are most affected by SSTI?
Jinja2 (Python), Twig (PHP), Freemarker and Velocity (Java), Smarty (PHP), and Mako (Python) all have well-documented SSTI exploitation paths. Even nominally sandboxed engines like Jinja2 have repeatedly had sandbox escapes published. Any engine that exposes object attributes, method calls, or filters is a candidate.