Targets applications using XPath queries to retrieve data; attackers can bypass authentication or extract sensitive info.
Attackers use XML metacharacters like < , > , and & to manipulate the structure of an XML document. For example, they might inject a new user with administrator privileges into a registration form that stores data in an XML database. Common Types: XML INJECTOR
Explodes vulnerabilities in how an application processes external entities, potentially allowing attackers to view local files on the server or perform Server-Side Request Forgery (SSRF) . Targets applications using XPath queries to retrieve data;
You’ve read {{metering-count}} of {{metering-total}} articles this month.
We want you to take advantage of everything Clinical Advisor has to offer. To view unlimited content, log in or register for free.
{{login-button}} {{register-button}}
Want to view more content from Clinical Advisor?
Register now at no charge to access unlimited clinical news with personalized daily picks for you, full-length features, case studies, conference coverage, and more.
{{login-button}} {{register-button}}
Please login or register first to view this content.