← All Labs
SSTI — Jinja Sandbox Escape
DocsRender uses a Jinja-style template engine in 'safe mode' — only basic variables are exposed. The sandbox is incomplete. Read the secret stored on a non-exposed object.
DocsRender uses a Jinja-style template engine in 'safe mode' — only basic variables are exposed. The sandbox is incomplete. Read the secret stored on a non-exposed object.