What is Server Side Include Injection?

"SSI Injection (Server-side Include) is a server-side exploit technique that allows an attacker to send code into a web application, which will later be executed locally by the web server. SSI Injection exploits a web application's failure to sanitize user-supplied data before they are inserted into a server-side interpreted HTML file." - The Web Application Security Consortium Threat Classifications Project

Read more about SSI


Feed You can follow this conversation by subscribing to the comment feed for this post.

Post a comment

Remember personal info?