XML External Entity – Beyond /etc/passwd (For Fun & Profit)

Robert Schwass*//   Last week I was asked twice in one day if I knew what XML External Entity (XXE) Vulnerabilities were. Maybe they are making a comeback in mainstream security buzz or sales jargon, I have no idea. (Often buzz-words propagated by the media or sales engineers become the driving factor for many of the […]

Read the entire post here