Rossino Rossano
UniCa Ateneo Docenti e ricercatori Rossano Rossino Ricerca Prodotti della Ricerca (IRIS)

Rossano Rossino

An Assessment of the Overlooked Dangers of Template Engines

Pisu, Lorenzo
;Maiorca, Davide;Giacinto, Giorgio
2026-01-01

Abstract

Template engines play a pivotal role in modern web application development by enabling the dynamic rendering of content, products, and user interfaces. Today, they are essential for any website that handles dynamic data, from e-commerce to social media. However, their widespread adoption also makes them attractive targets for attackers seeking to exploit vulnerabilities and gain unauthorized access to web servers. This paper presents a comprehensive assessment of the risks associated with template engines, with a particular focus on the consequences of Server-Side Template Injection (SSTI) and the ease with which such vulnerabilities can escalate to Remote Code Execution (RCE), a critical security concern in web application development.
2026
Inglese
ACM TRANSACTIONS ON THE WEB
1
32
32
https://dl.acm.org/doi/10.1145/3799796
Esperti anonimi
scientifica
Template Engine; Server-Side Template Injection; SSTI
no
Pisu, Lorenzo; Maiorca, Davide; Giacinto, Giorgio
1.1 Articolo in rivista
info:eu-repo/semantics/article
1 Contributo su Rivista::1.1 Articolo in rivista
262
3
partially_open
File in questo prodotto:
File Dimensione Formato  
3799796 (2).pdf

Solo gestori archivio

Tipologia: versione pre-print
Dimensione 538.83 kB
Formato Adobe PDF
  Visualizza/Apri   Richiedi una copia
538.83 kB Adobe PDF   Visualizza/Apri   Richiedi una copia
3799796.pdf

accesso aperto

Tipologia: versione post-print (AAM)
Dimensione 471.88 kB
Formato Adobe PDF
Visualizza/Apri
471.88 kB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Questionario e social

Condividi su:
Impostazioni cookie