Server Side Template Injection
Description
Passing untrusted user input as the template source to a templating engine's compile() function can result in remote code execution via server-side template injection: the template language is evaluated on the server, so whoever controls the template text controls what the server executes.
Examples
Insecure Code
```javascript
// Request-controlled template source is compiled and evaluated on the server.
var template = Handlebars.compile(req.query.template);
```
Secure Code
```javascript
// The template source is a static, developer-controlled string.
var template = Handlebars.compile('static-template');
```
Remediation
Validate and sanitize all user input before passing it to the templating engine's compile() function. Consider using a templating engine that provides built-in protection against server-side template injection.
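The pattern the secure snippet points at, worked through as an added example (this is not the rule's own code and not Handlebars code): templates are compiled once from static sources, a request parameter may only select one of them from an allowlist, and user input reaches the engine solely as render data, where it is HTML-escaped. `compileTemplate`, `escapeHtml`, `TEMPLATES` and `render` are assumed names; a tiny stand-in engine replaces Handlebars so the file runs offline, and with the real library the same structure applies with `Handlebars.compile()` called once per static template at startup.

```javascript
// Added example: safe use of a templating engine under user input.
// escapeHtml/compileTemplate are a minimal stand-in for the real engine
// (assumption, so the file runs without the handlebars package).

function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  }[c]));
}

// Stand-in for Handlebars.compile: supports {{name}} placeholders only,
// and always HTML-escapes the substituted data.
function compileTemplate(source) {
  return (data) =>
    source.replace(/\{\{\s*([A-Za-z_][A-Za-z0-9_]*)\s*\}\}/g, (_, key) => {
      const present = Object.prototype.hasOwnProperty.call(data, key);
      return present && data[key] != null ? escapeHtml(data[key]) : '';
    });
}

// Templates are compiled once, from static developer-controlled sources.
// Nothing from a request ever becomes template source.
const TEMPLATES = Object.freeze({
  greeting: compileTemplate('<p>Hello, {{name}}!</p>'),
  farewell: compileTemplate('<p>Goodbye, {{name}}.</p>'),
});

// query.template only *selects* a template by key from the allowlist;
// query.name is passed as render data, where the engine escapes it.
// The vulnerable form (compileTemplate(query.template)) never appears here.
function render(query) {
  const key = typeof query.template === 'string' ? query.template : 'greeting';
  if (!Object.prototype.hasOwnProperty.call(TEMPLATES, key)) {
    throw new Error('unknown template: ' + key);
  }
  return TEMPLATES[key]({ name: query.name });
}
```

Two properties are worth checking in a review of code like this: a request value that is itself template syntax (for example `{{name}}` as the `name` parameter) comes back as literal, escaped text rather than being evaluated, and a `template` parameter that is not an allowlisted key is rejected instead of being compiled.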
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0379 |
| Category | Injection |
| Severity | CRITICAL |
| CWE | CWE-94 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | server side template injection, remote code execution |
| OWASP | A1:2017-Injection, A03:2021-Injection |