all InfoSec news
SSTI -Bypassing Single Quotes Filter
Oct. 15, 2023, 4:34 p.m. | Arun balaji
InfoSec Write-ups - Medium infosecwriteups.com
In this blog , I would like to showcase how you can successfully exploit a Server-side template injection without using single quotes.
Hello, everyone! Today, I’m going to demonstrate how you can exploit a server-side template injection vulnerability, even when certain characters are blacklisted. Let’s get started.
What is SSTI?
Server-side template injection (SSTI) is a web application vulnerability that allows attackers to exploit templates by injecting malicious payloads.
Impact of SSTI?
When developers fail to properly sanitize and validate …
More from infosecwriteups.com / InfoSec Write-ups - Medium
Subdomain takeover via AWS s3 bucket
4 days, 5 hours ago |
infosecwriteups.com
Understanding the CrowdStrike 2024 Global Threat Report
4 days, 5 hours ago |
infosecwriteups.com
Prevent Cross-Site Scripting Attacks in Node.js
4 days, 5 hours ago |
infosecwriteups.com
HTB: Bizness walkthrough
4 days, 5 hours ago |
infosecwriteups.com
CozyHosting HTB Easy | Walkthrough
4 days, 5 hours ago |
infosecwriteups.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Security Compliance Strategist
@ Grab | Petaling Jaya, Malaysia
Cloud Security Architect, Lead
@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)