Server-Side Template Injection
Server-Side Template Injection occurs when user input is embedded directly into a server-side template and then evaluated by the template engine. Because template engines can execute expressions, this often escalates to full remote code execution on the server. It matters as web frameworks increasingly rely on templating, and the fix is never mixing untrusted input into template logic.