Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-15 09:27:32 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #222 from jasonotu/patch-1

Browse source 
Update README.md
This commit is contained in:
Carlos Polop 2021-09-11 10:03:11 +01:00 committed by GitHub
commit 303110cef4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
pentesting-web/ssti-server-side-template-injection/README.md
View file

@ -32,7 +32,7 @@ If an **error is thrown** it will be quiet easy to figure out that **the server
#### Detect - Plaintext context
The given input is being **rendered and reflected** into the response. This is easily **mistaken for a simple** [**XSS**](../xss-cross-site-scripting/) vulnerability, but it's easy to difference if you try set **mathematical operations** within a template expression:
The given input is being **rendered and reflected** into the response. This is easily **mistaken for a simple** [**XSS**](../xss-cross-site-scripting/) vulnerability, but it's easy to differentiate if you try to set **mathematical operations** within a template expression:
```text
{{7*7}}