Headline

GHSA-hj8m-9fhf-v7jp: fief-server Server-Side Template Injection vulnerability

Server-Side Template Injection

Overview of the Vulnerability

Server-Side Template Injection (SSTI) is a vulnerability within application templating engines where user input is improperly handled and is embedded into the template, possibly leading code being executed.

An attacker can use SSTI to execute code on the underlying system by manipulating values within the embedded template. When code is executed within the underlying system, it can allow an attacker to run permissioned commands under the exploited process, or exploit Cross-Site Scripting (XSS) to run code within the user’s browser.

Business Impact

SSTI can lead to reputational damage for the business due to a loss in confidence and trust by users. If an attacker successfully executes code within the underlying system, it can result in data theft and indirect financial losses.

Steps to Reproduce

Sign up and login to your account
Use a browser to navigate to: email-templates {{URL}}
put your payload in Edit Base template {{ cycler.__init__.__globals__.os.popen('id').read() }} and you will se it will execute.

Payload: {{ cycler.__init__.__globals__.os.popen('id').read() }}

Proof of Concept (PoC)

The screenshot(s) below demonstrates the SSTI:

SSTI

1 year ago

ghsa

Open in Source

#xss #vulnerability #git #perl

Server-Side Template Injection****Overview of the Vulnerability

Business Impact

Steps to Reproduce

Sign up and login to your account
Use a browser to navigate to: email-templates {{URL}}
put your payload in Edit Base template {{ cycler.init.globals.os.popen(‘id’).read() }} and you will se it will execute.

Payload:
{{ cycler.init.globals.os.popen(‘id’).read() }}

Proof of Concept (PoC)

The screenshot(s) below demonstrates the SSTI:

References