Exploiting XXE via File Upload

Before moving further we must get familiar with XXE. So please check my previous blogs on it.

https://medium.com/@gupta.bless/exploitation-xml-external-entity-xxe-1f5f3e7bc5c4

We have learnt about XXE previously but there is one more thing we need to understand before going ahead, unrestricted file upload vulnerabilities. So you can read my previous blog for that one as well.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store