Diana, a software developer, utilizes a functionality that automatically generates the content of a web page without requiring manual intervention. This feature is seamlessly integrated with Server Side Includes (SSI) directives. Unfortunately, this introduces a vulnerability in the developed web application, as the feature accepts remote user inputs and incorporates them into the page. Malicious actors can exploit this vulnerability by inputting malicious SSI directives, enabling them to engage in harmful activities, including modifying and erasing server files. What type of injection attack is Diana's web application vulnerable to?