Insecure template rendering detected.


Do not include externally influenced or user-given input data in rendered templates. This is bad practice and can lead to code injection attacks.


✅ Always validate external data (for example, with a safe list) before rendering it in a template.

✅ Sanitize external data before rendering it in a template to remove special characters that could introduce an injection attack.


Associated CWE

OWASP Top 10