Learn about XML External Entity (XXE) Injection in this 19-minute video from Bugcrowd University. Explore this OWASP-defined attack that targets applications parsing XML input, potentially leading to confidential data disclosure, denial of service, server-side request forgery, and other system impacts. Understand how weakly configured XML parsers process external entity references, and gain insights into detecting and preventing this critical security vulnerability.
Overview
Syllabus
XML External Entity Injection
Taught by
Bugcrowd
Related Courses
-
Secure Coding: Identifying and Mitigating XML External Entity (XXE) Vulnerabilities
-
Protecting Against XML External Entity and Deserialization Attacks in ASP.NET and ASP.NET Core
-
Previous OWASP Risks
-
OWASP Top 10 - A4:2017 - XML External Entities
-
Web Application Penetration Testing: Input Validation
-
Intigriti Hackademy
5.0
