Tag: XXE Injection

Cheat Sheets Infrastructure Web Application Security

XXE Cheatsheet – XML External Entity Injection

Post author By HollyGraceful
Post date May 16, 2015

All the fun of the post on XML External Entities (XXE) but less wordy!

A internal entity:

<!--?xml version="1.0" ?-->
<!DOCTYPE replace [<!ENTITY example "Doe"> ]>
 <userInfo>
  <firstName>John</firstName>
  <lastName>&example;</lastName>
</userInfo>

Continue reading

Tags Cheat Sheet, Cheatsheet, Web App, Web Application Security, XML, XML External Entity Injection, XXE, XXE Injection