SSTI is caused by a developer passing untrusted user input into a template rendering engine allowing user to specify the template’s code. Depending on the template language in use, such vulnerability will have different security consequences ranging from minor information leaks to remote code execution.
This article provides a summary of post-exploitation options when SSTI is discovered in a web application utilizing Django Templates1 (DT) from Django, a Python language web framework. We will provide a summary of documented and previously undocumented techniques to help better understand impact of SSTI in DT for both developers and security assessors.
Download Django Templates Server-Side Template Injection v1.0 Whitepaper