insomnia
Template Injection
Describe the bug
Inso crashed while uploading files that contain template injection payloads as the file name.
Insomnia is a perfect tool for web pentesting. While uploading a file with "{{7*7}}" as the filename, Inso will render this input and show the following error:
ENOENT: no such file or directory, stat '/Users/oxxy37/Desktop/tmp/49
Inso responds to the injection payload with 49
Field: Request.body.params[0].fileName
Desktop
- OS: macOS 10.15.4
- Installation Method: Insomnia.Core-2020.4.2.dmg
- App Version: v2020.4.2
- Curl: curl 7.64.1 (x86_64-apple-darwin19.0) libcurl/7.64.1 (SecureTransport) LibreSSL/2.8.3 zlib/1.2.11 nghttp2/1.39.2
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Hi @oxxy1337
Have you tried this on our newest release, available here: https://github.com/Kong/insomnia/releases/tag/core%402022.5.0? Thank you and I await your reply.
I'm going to close this issue for now. Please feel free to open a new one when you've reproduced it on the latest version.