Broker injection attack is a type of vulnerability that exploits misconfigured brokers, potentially allowing an attacker to read, write and inject information from/into their flow.
There are many scenarios in which a broker is used to transport the information between tasks.
In this scenario we'll have two actors: The producer needs an asynchronous and non-blocking way to send the email information to the worker.
Taking the above scenario as an example, if we could access the broker, we would be able to make the worker generate new tasks with arbitrary data, unleashing a broker injection.
This name was coined by Daniel García (cr0hn) at the RootedCON 2016 conference in Spain.