Explore XML parser vulnerabilities and security implications in this 42-minute conference talk from AppSecEU 2016 in Rome. Delve into the journey from Document Type Definitions (DTD) to XML External Entity (XXE) attacks as speakers C. Mainka, C. Spth, and V. Mladenov evaluate various XML parsers. Gain valuable insights into potential security risks associated with XML processing and learn best practices for mitigating these threats. This presentation, part of the official OWASP Media Project, offers essential knowledge for application security professionals and developers working with XML technologies.
From DTD to XXE - An Evaluation of XML Parsers
Overview
Syllabus
AppSecEU 16 - C. Mainka, C. Spth, V. Mladenov - From DTD to XXE - An Evaluation of XML - Parsers
Taught by
OWASP Foundation
Related Courses
-
Secure Coding: Identifying and Mitigating XML External Entity (XXE) Vulnerabilities
-
OWASP Top 10 - A05:2021 - Security Misconfiguration
-
XML External Entity Injection
-
Remediating XML External Entity Injection - Cyber Security Tutorial
-
XML External Entities Attacks - Advanced Exploitation Techniques
-
From Facepalm to Brain Bender - Advanced Web Security Challenges
