object-introspection

1 article
sort: new top best
clear filter
bug-bounty497 google347 xss301 microsoft290 facebook261 rce211 exploit198 malware168 apple161 cve135 account-takeover115 bragging-post102 privilege-escalation96 csrf90 phishing86 browser75 writeup74 authentication-bypass69 supply-chain67 dos66 stored-xss65 reflected-xss57 ssrf56 reverse-engineering54 access-control52 react52 input-validation49 cross-site-scripting48 cloudflare47 aws47 docker46 web-security46 lfi46 smart-contract45 sql-injection45 web-application44 ethereum44 ctf43 web343 defi43 oauth43 node41 race-condition39 pentest39 open-source39 idor37 cloud37 info-disclosure36 burp-suite36 auth-bypass35
0 7/10
RCE with Flask Jinja tempelate Injection
bug-bounty

A Flask/Jinja2 template injection vulnerability was discovered in an email generation utility that evaluated user input in email subject fields. The attacker exploited Python object introspection through Jinja2 syntax to access the file class and read sensitive files including configuration files with API keys and encryption keys from a GCE instance.

template-injection jinja2 flask rce python ssti file-read bug-bounty web-application email-functionality object-introspection
Flask Jinja2 Django Bugcrowd AkShAy KaTkAr Wappalyzer GCE
medium.com · devanshbatham/Awesome-Bugbounty-Writeups · 23 hours ago · details