Techniques
Sample rules
Potential Server Side Template Injection In Velocity
- source: sigma
- technicques:
- t1190
Description
Detects exceptions in velocity template renderer, this most likely happens due to dynamic rendering of user input and may lead to RCE.
Detection logic
condition: keywords
keywords:
- ParseErrorException
- VelocityException
- TemplateInitException