all InfoSec news
Importance of stacking entities in a XXE?
Nov. 10, 2023, 4:17 p.m. | /u/FreeRaider1
cybersecurity www.reddit.com
I've been trying to understand some concepts regarding XXE attacks. I'm using the incredible content of PortSwigger: [https://portswigger.net/web-security/xxe/blind](https://portswigger.net/web-security/xxe/blind)However, there is a thing that I don't understand and I've been unable to find an answer. I will appreciate any kind of help.
When discussing blind XXE, they mention the importance of hosting a malicious DTD file and then reference it within the XML payload. It is important to use an external DTD because when using external DTD you can …
cybersecurity entities error external file hosting important malicious payload reference study xml xxe
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
Information System Security Officer (ISSO)
@ LinQuest | Boulder, Colorado, United States
Project Manager - Security Engineering
@ MongoDB | New York City
Security Continuous Improvement Program Manager (m/f/d)
@ METRO/MAKRO | Düsseldorf, Germany
Senior JavaScript Security Engineer, Tools
@ MongoDB | New York City
Principal Platform Security Architect
@ Microsoft | Redmond, Washington, United States
Staff Cyber Security Engineer (Emerging Platforms)
@ NBCUniversal | Englewood Cliffs, NEW JERSEY, United States