diff --git a/ssti.py b/ssti.py
new file mode 100644
index 0000000..9e107a4
--- /dev/null
+++ b/ssti.py
@@ -0,0 +1,41 @@
+# app_vulnerable.py
+from flask import Flask, request, render_template_string
+
+app = Flask(__name__)
+
+@app.route('/', methods=['GET', 'POST'])
+def index():
+ name = ''
+ if request.method == 'POST':
+ # VULNÉRABLE : on concatène directement la saisie dans un template string
+ name = request.form.get('name', '')
+ template = f"""
+
+
+
Ce template est rendu côté serveur via render_template_string.
+
+
+
+ """
+ return render_template_string(template)
+ return '''
+
+
+