filmov
tv
Java XXE: Read secret files when parsing XML files
Показать описание
Today we are going to search for some vulnerabilities in the code responsible for XML parsing.
This attack is called XML eXternal Entity.
The XML standard is quite complicated.
One of the additional functionalities is the ability to create entities.
They are similar to macros, for example from C language.
#from0topentestinghero #security #java
This attack is called XML eXternal Entity.
The XML standard is quite complicated.
One of the additional functionalities is the ability to create entities.
They are similar to macros, for example from C language.
#from0topentestinghero #security #java
0:03:05
0:09:37
0:20:11
0:33:26
0:01:56
0:03:01
0:01:05
0:03:10
![[XXE Injection] External](https://i.ytimg.com/vi/c3lABjEbypk/hqdefault.jpg)
0:02:23
0:01:39
0:03:13
0:03:13
0:01:26
0:08:08
0:03:51
0:31:21
0:04:42
0:10:29
0:10:29
0:22:11
0:39:32
0:08:20
0:01:09
0:01:25