About Client-side Template Injection
Client-side Template Injection vulnerabilities occur when user input is directly processed by client-side template engines without proper sanitization, leading to XSS and other security issues.
Common CSTI Attack Types
Basic CSTI: Simple client-side template injection
Filter Bypass: Bypassing client-side security filters
URL Parameters: CSTI via URL parameters and fragments
Advanced Techniques: Complex methods to bypass modern protections
CSTI with XSS: Client-side template injection leading to XSS
Common Vulnerable Template Engines
Angular: {{ }}, [ ], ( ), $eval(), $parse()
Vue.js: {{ }}, v-html, v-text, v-model
React: JSX, dangerouslySetInnerHTML, { }
Handlebars: {{ }}, {{{ }}}, {{#each}}, {{#if}}
Mustache: {{ }}, {{{ }}}, {{#section}}, {{^section}}
Real-World Impact
Cross-Site Scripting (XSS)
Data theft and sensitive information disclosure
Session hijacking and account takeover
Malicious redirects and phishing attacks
Keylogging and form hijacking
Compliance violations and security breaches