#Server-side_Template_Injection | samiko@127.0.0.1~$

RedPanda - HackTheBox Writeup (10.10.11.170)

Easy-difficulty Linux box on exploiting a server-side template injection vulnerability in a Spring Boot web application, then a not-so-easy privilege escalation involving an XML external entity injection vulnerability in a custom view counter script.

Posted on Fri, Jan 20, 2023 Easy Linux Web Application Server-side Template Injection XXE Injection