Server Side Template Injection with Flask and Jinja2
Introduction Last week I took part in a CTF, and one of the problems from the “Web” category seems pretty intriguing to me. Although I was able to get the Flag, but couldn’t submit the flag in time, so no points for me 😔. The interesting thing about this problem was, that the technology which needed to be exploited was something I am pretty familiar with and had a lot of experience in, but still, even after working with that tech stack for years, I was unaware of this vulnerability....