2 matches found
Server-side Template Injection
giskard-agents is vulnerable to server-side template injection. The vulnerability is due to the ChatWorkflow.chat method passing its string argument directly to a non‑sandboxed Jinja2 Environment, where the input string is treated as a template by inlineenv.fromstring and an attacker can supply...
Improper Neutralization of Special Elements Used in a Template Engine
Overview giskard-agents is an A lightweight library that orchestrates LLM completions and agents in parallel workflows Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine via the ChatWorkflow.chat function. An attacker can...