HACKR.GG
SSTI · Easy

CardCraft — Template Injection

CardCraft builds greeting cards by concatenating your name directly into a Pug template. Inject template syntax to leak the server's FLAG environment variable.

// Objective

Inject template syntax into the greeting card generator to confirm SSTI and read the flag from the environment.

Toolkit: Browser, Burp Suite, curl