Server-Side Template Injection occurs when user input is embedded directly in a server-side template engine (Jinja2, Twig, FreeMarker, Velocity) rather than being passed as data. Depending on the template engine, this can escalate from information disclosure to full remote code execution. Testing involves: identifying template engine technology through error messages or specific syntax probing, injecting template expressions that demonstrate code execution, evaluating sandbox escapes in restricted template environments, and testing across all user-controlled inputs that are rendered through templates.
Technical
Server-Side Template Injection (SSTI): From Template Engine to Remote Code Execution สำหรับองค์กรไทย
SSTI occurs when user input is embedded in server-side templates. Can lead to information disclosure and remote code execution. Guidance for TH market.