What is XML Vulnerability?

XML Vulnerability

An XML External Entity (XXE) vulnerability involves exploiting how an application parses XML input, more specifically, exploiting how the application processes the inclusion of external entities included in the input. To gain a full appreciation for how this is exploited and its potential, I think it’s best for us to first understand what the eXtensible Markup Language (XML) and external entities are. Also Read :- CSRF, XSS A metalanguage is a language used for describing other languages, and that’s what XML is. It was developed after HTML in part, as…

Read More

Open Redirection

Open Redirection

According to the Open Web Application Security Project, an open redirection occurs when an application takes a parameter and redirects a user to that parameter value without any conducting any validation on the value. This vulnerability is used in phishing attacks to get users to visit malicious sites without realizing it, abusing the trust of a given domain to lead users to another. The malicious website serving as the redirect destination could be prepared to look like a legitimate site and try to collect personal / sensitive information. Check out…

Read More