Analysis
XXE: When an XML Parser Reads Files It Should Not
XML has a feature that lets a document pull in outside content. Point it at a local file or an internal server and a helpful parser becomes a data leak. Here is how XML External Entity attacks work.
9 min read·#xxe#web-security#xml