Server Side Template Injection
Template injection allows an attacker to include template code into an existing (or not) template. A template engine makes designing HTML pages easier by using static template files which at runtime replaces variables/placeholders with actual values in the HTML pages.
Cheatsheet:
Python script for Java encoder:
Python SSTI RCE
Last updated