Client Side Template Injection


Client-side injection results in the execution of malicious code on the mobile device via the mobile app. Typically, this malicious code is provided in the form of data that the threat agent inputs to the mobile app through a number of different means. The data is malformed and is processed (like all other data) by the underlying frameworks supporting the mobile app

Products, Sensors, and Dependencies

ProductDependenciesData sourceAccess requiredProtocolData CollectedNotes
Tenable Web App ScanningWeb ApplicationsAuthenticated ScanHTTP/HTTPSClient Side Template InjectionPlugin IDs: 112684


Client-Side Template Injection

Attack Path Technique Details

Framework: OWASP

Family: Injection

Sub-Technique: Client Side Injection

Platform: Web Application

Products Required: Tenable Web App Scanning

Tenable Release Date: 2022 Q2