
Injection: SSTI (Server-Side Template Injection)

Identifier: ssti

Scanner(s) Support

GraphQL Scanner, REST Scanner, WebApp Scanner, ASM Scanner

Description

Server-Side Template Injection happens when an attacker gains control over part of a web page's template by injecting content that the server then processes as template source. This usually occurs when user input is embedded directly into a template (rather than passed to it as data) without proper validation or filtering. Because template engines often expose powerful built-in functions and objects, an attacker who controls the template may be able to run system commands, access sensitive data, or perform other unwanted operations on the server. Developers commonly introduce this flaw by concatenating unsanitized input into template strings or by misconfiguring the template engine, leaving the door open to serious risks such as unauthorized data exposure or complete server compromise if the vulnerability is exploited.
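An added illustration (not part of this documentation page or the scanner's own code) of the pattern described above. It uses a toy template engine so it runs with no dependencies; the context keys, the placeholder secret and the marker probe are constructed for the example.

```python
import re

# Toy template engine: replaces {{ dotted.name }} with a lookup in the context.
TAG = re.compile(r"\{\{\s*([A-Za-z_][\w.]*)\s*\}\}")


def render(template: str, context: dict) -> str:
    def lookup(match: re.Match) -> str:
        value = context
        for part in match.group(1).split("."):
            value = value[part] if isinstance(value, dict) else getattr(value, part)
        return str(value)
    return TAG.sub(lookup, template)


# Constructed sample context, standing in for what an app exposes to templates.
CONTEXT = {
    "user": {"name": "alice"},
    "config": {"db_password": "PLACEHOLDER-not-a-real-secret"},
}


def greet_vulnerable(user_input: str) -> str:
    # Defect: user input becomes part of the template *source*, so any
    # {{ ... }} inside it is evaluated against CONTEXT by the engine.
    return render("Hello " + user_input + "!", CONTEXT)


def greet_safe(user_input: str) -> str:
    # Fix: the template source is a constant; user input enters only as a
    # context value, and re.sub does not re-scan substituted text.
    return render("Hello {{ name }}!", {"name": user_input})


def reflects_literally(handler) -> bool:
    # Scanner-style check: send a harmless marker that is valid template
    # syntax and verify the response echoes it unchanged. For this toy the
    # marker references a key that is assumed to exist in the app's context.
    marker = "{{ user.name }}"
    return marker in handler(marker)


if __name__ == "__main__":
    for name, handler in (("vulnerable", greet_vulnerable), ("safe", greet_safe)):
        print(name, handler("{{ config.db_password }}"), reflects_literally(handler))
```

The vulnerable handler renders the context value in place of the input, while the safe handler echoes the input unchanged; `reflects_literally` captures that difference the way a scanner test does.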

Execution conditions (BLST):

  • Runs when this test is enabled, arguments are present, the response is non-empty, and coverage is OK, VALIDATION_ERROR, or SERVER_ERROR.

References:

Configuration

Example

Example configuration:

---
security_tests:
  ssti:
    skip: false

Reference

skip

Type : boolean

Skip the test if true.