# Server Side Template Injection

* [Good hunters to help me about Server-Side Template Injection (Jinja2) ? ![✔](https://abs-0.twimg.com/emoji/v2/svg/2714.svg){{7\*'7'}} = 7777777 ![✔](https://abs-0.twimg.com/emoji/v2/svg/2714.svg){%for c in \[1,2,3\] %}{{c,c,c}}{% endfor %} = (1, 1, 1)(2, 2, 2)(3, 3, 3) ![Cross mark](https://abs-0.twimg.com/emoji/v2/svg/274c.svg){{ \[\].class.base.subclasses() }} = Empty ![Cross mark](https://abs-0.twimg.com/emoji/v2/svg/274c.svg){{''.class.mro()\[1\].subclasses()}} = Web app crash](https://twitter.com/adrien_jeanneau/status/1072218405091110913?s=20)