Security Zines
Simple explanations for security topics by Rohit
XXE - XML External Entity Attack - Sponsored by @intigriti
This XXE flyer is sponsored by @intigriti. Intigriti is Europe's rank 1 bug bounty platform, with close to 200+ active programs and 40K active researchers. If you are a security researcher yourself, register right now at @intigriti. They offer a great learning platform for researchers, and their YT Channel can help you kick-start your bug bounty journey.
XXE is an attack on the XML parser: a weakly configured parser trusts the XML input coming from the client, resolves the external entities it declares, and returns their contents in the response. This may lead to exfiltration of data. XXE can also lead to SSRF in poorly configured web application servers.
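The parser-side countermeasure, as an added example that is not part of the flyer: client XML is first run through an expat pass that refuses any DOCTYPE or entity declaration, so nothing external is ever resolved. The names `parse_untrusted`, `ForbiddenXML` and `verdict`, and the sample documents, are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from xml.parsers import expat


class ForbiddenXML(ValueError):
    """Client XML declared something the parsing policy refuses."""

    def __init__(self, kind, target=None):
        super().__init__(f"{kind}: {target}")
        self.kind, self.target = kind, target


def parse_untrusted(data: bytes, allow_doctype: bool = False) -> ET.Element:
    """Parse client-supplied XML, refusing DTDs and all entity declarations."""

    def on_doctype(name, sysid, pubid, has_internal_subset):
        if not allow_doctype:
            raise ForbiddenXML("doctype", name)

    def on_entity(name, is_param, value, base, sysid, pubid, notation):
        # expat passes value=None when the entity's content lives outside
        # the document (SYSTEM/PUBLIC): the XXE case the parser must not follow.
        if value is None:
            raise ForbiddenXML("external-entity", sysid)
        raise ForbiddenXML("internal-entity", name)

    checker = expat.ParserCreate()
    checker.StartDoctypeDeclHandler = on_doctype
    checker.EntityDeclHandler = on_entity
    checker.Parse(data, True)       # handler exceptions propagate from here
    return ET.fromstring(data)      # reached only when nothing was refused


# Constructed sample inputs (not from the flyer).
PLAIN = b"<order><id>42</id></order>"
FILE_ENTITY = (b'<!DOCTYPE order [<!ENTITY xxe SYSTEM "file:///constructed/secret.txt">]>'
               b"<order><id>&xxe;</id></order>")
URL_ENTITY = (b'<!DOCTYPE order [<!ENTITY xxe SYSTEM "http://internal.example/">]>'
              b"<order><id>&xxe;</id></order>")


def verdict(data: bytes, allow_doctype: bool = False) -> str:
    """Return 'ok' or the reason the document was refused."""
    try:
        parse_untrusted(data, allow_doctype)
        return "ok"
    except ForbiddenXML as exc:
        return str(exc)
```

With the default policy both entity documents are refused at the DOCTYPE; passing `allow_doctype=True` shows which system identifier the entity pointed at, which is useful for logging.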
Thanks to @PascalSec (AKA @hacksplained) for the rigorous review.