Python3

Exploiting Unknown Syntaxes - Character Name

The web application offers an online game where you have to capture the flag and avoid all hidden mines at all costs. Will you be able to capture the flag?

It seems that this web application is vulnerable to an SSTI (Server-Side Template Injection), but we can't type the dollar sign ($) character to exploit it, or can we?

Note: The flag can be found in the environment variable named: FLAG

Goal

Find a way to exploit an SSTI to perform a Remote Code Execution (RCE) and gain access to the vulnerable web application.
