A Hands-on XML External Entity Vulnerability Training Module

Many web applications that accept and respond to XML requests are vulnerable to XML External Entity (XXE) attacks due to default XML parser settings. This vulnerability can be exploited to read arbitrary files from the server, including sensitive files such as the application configuration files....
Carrie Roberts
November 4, 2013

All papers are copyrighted. No re-posting of papers is permitted