Learn about XML External Entity (XXE) Injection in this 19-minute video from Bugcrowd University. Explore this OWASP-defined attack that targets applications parsing XML input, potentially leading to confidential data disclosure, denial of service, server-side request forgery, and other system impacts. Understand how weakly configured XML parsers process external entity references, and gain insights into detecting and preventing this critical security vulnerability.
Overview
Syllabus
XML External Entity Injection
Taught by
Bugcrowd