RCE with Expression Language (EL) Injection in API

In one of my recent pentests, I was testing APIs and came across this fancy vulnerability name, Expression Language (EL) Injection, reported by Burp Suite (thanks to PortSwigger for making this beautiful tool). Read more about EL Injection here: [https://portswigger.net/kb/issues/00100f20_expression-language-injection]. So I injected the payload ${\"…

CSV Injection in Tableau Desktop & Server

Tableau Server Version: 10.1.13 (10100.17.1130.2000) 64-bit
Tableau Desktop Version: 10.1.13 (10100.17.1130.2000) 64-bit

What is Tableau? Tableau is groundbreaking data visualization software created by Tableau Software. Tableau connects easily to nearly any data source, be it a corporate data warehouse, Microsoft Excel…