SSTI (Server-Side Template Injection)
Description
Server-Side Template Injection occurs when attacker-controlled input is embedded into a template as part of the template source (rather than supplied as data), so the template engine parses and executes it on the server. This can lead to a variety of attacks, such as remote code execution, information disclosure, and more. It is especially dangerous in environments where the template engine exposes functionality that allows shell command execution or other powerful capabilities.
Remediation
To prevent SSTI:
- Always validate and sanitize user input rigorously.
- If possible, avoid passing user input directly to template engines: user input should be rendered as a template variable, never as part of the template source.
- Use the latest versions of template engines, which may include patches for known vulnerabilities.
- Restrict the template engine's capabilities where possible (for example, a sandboxed environment or a minimal render context), so that even if an injection occurs, the impact is minimized.
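The following is an added illustration of the second and fourth remediation points; it is not code from this page or from the Escape scanner. It uses only Python's standard-library `string.Template` so it runs without a web framework; the function names, the sample application context and the placeholder secret are all constructed for the example.

```python
import re
from string import Template

# Constructed sample render context. SECRET_KEY stands in for any value a
# server-side template can reach; it is a placeholder, not a real secret.
APP_CONTEXT = {
    "username": "alice",
    "SECRET_KEY": "example-secret-placeholder",
}

# Allow-list for the one field this view accepts (remediation point 1).
_NAME_RE = re.compile(r"^[A-Za-z0-9_]{1,32}$")


def render_vulnerable(user_input: str) -> str:
    """Vulnerable pattern: user input is concatenated into the template SOURCE.

    Any placeholder syntax the caller supplies is interpreted by the engine and
    resolved against the full application context, so the caller decides what
    the engine evaluates. With string.Template this yields information
    disclosure; with richer engines it can reach code execution.
    """
    return Template("Hello " + user_input).substitute(APP_CONTEXT)


def render_hardened(user_input: str) -> str:
    """Hardened pattern: fixed, application-owned template; input is only DATA.

    The template string never contains user input, the input is passed as a
    value (so its contents are never parsed as template syntax), and the
    render context is reduced to the one field the view needs.
    """
    if not _NAME_RE.fullmatch(user_input):
        raise ValueError("invalid name")
    minimal_context = {"name": user_input}
    return Template("Hello $name").substitute(minimal_context)


def is_rejected(user_input: str) -> bool:
    """True when the hardened view refuses the input (useful for tests/logs)."""
    try:
        render_hardened(user_input)
    except ValueError:
        return True
    return False
```

Rendering the input `$SECRET_KEY` through `render_vulnerable` returns the context value, while `render_hardened` rejects it; a name that passes the allow-list renders as plain text in both.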
Configuration
Identifier: injection/ssti
Examples
Ignore this check:

```yaml
checks:
  injection/ssti:
    skip: true
```
Score
- Escape Severity: HIGH
Compliance
- OWASP: API10:2023
- pci: 6.5.1
- gdpr: Article-32
- soc2: CC1
- psd2: Article-95
- iso27001: A.14.2
- nist: SP800-53
- fedramp: AC-6
Classification
- CWE: 94
Score
- CVSS_VECTOR: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:F/RL:O/RC:C
- CVSS_SCORE: 6.8