dragonista

About

Username
dragonista
Joined
Visits
37
Last Active
Roles
Member

Activity

  • laszlo

    Hi, I'm writing in regard to Doctor's foothold.
    From what I've found & read here, the only thing I see is that 'New Message' in 'Doctor Secure Messaging' may be vulnerable to Server Side Template Injection. After analysis of HTTP communication I feel that it's Python.
    I tried all Python related injections (from https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Server Side Template Injection) but nothing works. I also verified (for sanity) other languages ...
    Am I going in the right way ? Should the injection be escaped or what :> Could you help me without spoiling ;) ?

    October 16
Avatar

Howdy, Stranger!

Click here to create an account.