Code Injection via a Vulnerable Template Engine

In this video, I discuss a code injection vulnerability within the Handlebars library. This bug isn’t your usual “template injection” bug.

We will use a vulnerable app to test this, while also looking at some source code to analyze the root cause of the vulnerability. Lastly, after exploiting it successfully, we will see how this can be fixed automatically via Snyk. This is a short intro which can be used

author avatar
Farah Hawa

Hi! I work as an application security engineer at Bugcrowd. I'm a part-time bug bounty hunter and I also create technical content for bug bounty hunters & web application pentesters and interview some amazing people in infosec for my YouTube channel: https://www.youtube.com/c/FarahHawa/

You may also like

Reverse Image Search EXPOSES You
Reverse Image Search EXPOSES You
27 January, 2026
How Hackers Track You Using Your IP Address
How Hackers Track You Using Your IP Address
13 January, 2026
Run YOUR own UNCENSORED AI & Use it for Hacking
Run YOUR own UNCENSORED AI & Use it for Hacking
18 December, 2025

Leave A Reply

0
Privacy Overview
ZSecurity logo featuring a stylized red letter Z

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

3rd Party Cookies

This website uses Google Analytics and Linkedin to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping these cookies enabled helps us to improve our website.

Powered by  GDPR Cookie Compliance