🔥 3-day streak
CompTIA PenTest+ (PT0-003)125 / 175
Question 125 of 175
During a web application assessment, a penetration tester notices that a 'greeting name' parameter is reflected directly in a rendered page. To test for server-side template injection, the tester submits the payload {{7*7}} and the response body displays '49'. Which follow-up action best confirms the vulnerability can be leveraged for remote code execution on the Flask/Jinja2 backend?
Reviewed for accuracy · Report an issueNext question