Code Injection via a Vulnerable Template Engine

Posted by Farah Hawa
Date March 30, 2022

In this video, I discuss a code injection vulnerability within the Handlebars library. This bug isn’t your usual “template injection” bug.

We will use a vulnerable app to test this, while also looking at some source code to analyze the root cause of the vulnerability. Lastly, after exploiting it successfully, we will see how this can be fixed automatically via Snyk. This is a short intro which can be used

Farah Hawa

Hi! I work as an application security engineer at Bugcrowd. I'm a part-time bug bounty hunter and I also create technical content for bug bounty hunters & web application pentesters and interview some amazing people in infosec for my YouTube channel: https://www.youtube.com/c/FarahHawa/

Popular Courses

Penetration Testing

Consulting

Code Review

One on one Training

Online Courses

VPN

Popular Courses

Penetration Testing

Consulting

Code Review

One on one Training

Online Courses

VPN

Hacking & Security

Code Injection via a Vulnerable Template Engine

Bypass Admin Panel Using SQL Injection

Generate FUD Credential Stealers In Minutes!

Leave A Reply Cancel reply

Contribute

Hacking & Security

You may also like

Leave A Reply Cancel reply

Contribute

Login with your site account

Register a new account