Injection: SSTI (Server-Side Template Injection)

Identifier: ssti

Scanner(s) Support

GraphQL Scanner, REST Scanner, WebApp Scanner

Description

Server-Side Template Injection (SSTI) occurs when an attacker gains control over part of a web page's template by injecting content that the server-side template engine then evaluates. It usually arises when user input is embedded directly into the template source, rather than handed to the engine as data, without proper validation or filtering. Because template engines expose powerful built-in functions and objects, an attacker who controls the template may be able to run system commands, read sensitive data, or perform other unwanted operations on the server. Developers often fall into the trap of not sanitizing inputs properly or misconfiguring template engines, leaving the door open to serious consequences such as unauthorized data exposure or complete server compromise.
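The following is an added illustration of the pattern the description refers to; it is not code from the scanner or its documentation. It uses Python's standard-library string.Template so it runs without any third-party engine: the vulnerable handler concatenates the user's input into the template source, so placeholders in that input are resolved against the same context (constructed here, including a made-up secret) that the page template uses; the fixed handler keeps the template constant and passes the input only as a value. A small syntax check for logging or alerting on probe-like input is included; it is a detection aid, not a replacement for the structural fix.

```python
import re
from string import Template

# Constructed sample context: the values a request handler might have available
# when it renders a greeting page. The secret is a placeholder, not a real credential.
TEMPLATE_CONTEXT = {
    "app_name": "Example Portal",
    "db_password": "CONSTRUCTED-SECRET",  # must never reach a rendered page
}


def render_vulnerable(user_name: str) -> str:
    """Vulnerable: user input becomes part of the template source.

    Any placeholder syntax in the input is interpreted by the engine and
    resolved against the full context, so "$db_password" leaks the secret.
    """
    page = Template("Welcome to $app_name, " + user_name + "!")
    return page.safe_substitute(TEMPLATE_CONTEXT)


def render_fixed(user_name: str) -> str:
    """Fixed: the template source is a constant; user input is passed as data.

    Substitution is a single pass, so placeholder syntax inside the value is
    emitted literally instead of being evaluated.
    """
    page = Template("Welcome to $app_name, $user_name!")
    return page.safe_substitute(TEMPLATE_CONTEXT, user_name=user_name)


# Delimiters used by common template engines (Jinja2/Twig "{{", Freemarker "${",
# ERB/JSP "<%", Ruby-style "#{", plus string.Template's "$name"). Matching one
# of these in a user-supplied field is worth logging; it is not proof of attack.
_TEMPLATE_SYNTAX = re.compile(r"\{\{|\$\{|<%|#\{|\$[A-Za-z_]")


def contains_template_syntax(value: str) -> bool:
    """Return True when a user-supplied value carries template-like delimiters."""
    return _TEMPLATE_SYNTAX.search(value) is not None


if __name__ == "__main__":
    probe = "$db_password"
    print("vulnerable:", render_vulnerable(probe))   # secret is substituted
    print("fixed:     ", render_fixed(probe))        # placeholder stays literal
    print("flagged:   ", contains_template_syntax(probe))
```

The structural point is the second function: once the template text is fixed at development time and user input only ever travels through the context, no input can change what the engine evaluates, whichever engine is in use.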

References:

Configuration

Example

Example configuration:

---
security_tests:
  ssti:
    assets_allowed:
    - REST
    - GRAPHQL
    - WEBAPP
    skip: false

Reference

assets_allowed

Type: List[AssetType]*

List of assets that this check will cover.

skip

Type: boolean

Skip the test if true.