Description
Edge Side Include injection (ESI Injection) is a vulnerability that allows an attacker to reflect ESI tags in the HTTP response.
The ESI language is based on a small set of XML tags and is used in many popular HTTP surrogate solutions to tackle performance issues by enabling heavy caching of Web content. ESI tags are used to instruct a reverse-proxy (or a caching server) to fetch more information about a web page for which a template is already cached. If an attacker can successfully reflect ESI tags in the HTTP response, then the surrogate will blindly parse and evaluate them, believing they are legitimate tags that are served from the upstream server.
Remediation
Apply context-dependent encoding and/or validation to user input rendered on a page. Mitigation techniques against XSS recommended for the language or framework you are using will often be enough to protect against ESI injections.
References
Related Vulnerabilities
WordPress Plugin WP Google Maps Cross-Site Scripting (7.11.34)
WordPress Plugin Affiliate Power-Sales Tracking for Affiliate Marketers Cross-Site Scripting (2.2.0)
WordPress Plugin WP-Ban Cross-Site Scripting (1.69)
WordPress Plugin YITH Maintenance Mode Cross-Site Scripting (1.1.4)
WordPress Plugin Variation Swatches for WooCommerce Cross-Site Scripting (2.1.1)