Exploitation :XML External Entity (XXE)

INDEX

What is XXE

Types

Exploit XXE

Preventive Measures /Mitigation

What is XXE: An XML External Entity attack is a type of attack against an application that parses XML input. It often allows an attacker to view files on the application server file system, and to interact with any backend or external systems that the application itself can access.

In some cases, XXE can also be used to perform server-side request forgery, port…

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store