Code Injection via a Vulnerable Template Engine
- Posted by Farah Hawa
- Date March 30, 2022
In this video, I discuss a code injection vulnerability within the Handlebars library. This bug isn’t your usual “template injection” bug.
We will use a vulnerable app to test this, while also looking at some source code to analyze the root cause of the vulnerability. Lastly, after exploiting it successfully, we will see how this can be fixed automatically via Snyk. This is a short intro which can be used
Hi! I work as an application security engineer at Bugcrowd. I'm a part-time bug bounty hunter and I also create technical content for bug bounty hunters & web application pentesters and interview some amazing people in infosec for my YouTube channel: https://www.youtube.com/c/FarahHawa/