| Details | |
|---|---|
| Alert Id | 90035 |
| Alert Type | Active |
| Status | release |
| Risk | High |
| CWE | 94 |
| WASC | 20 |
| Technologies Targeted | All |
| Tags | |
Summary
When the user input is inserted in the template instead of being used as argument in rendering is evaluated by the template engine. Depending on the template engine it can lead to remote code execution.