xml external entity (xxe) injection

XML external entity (XXE) injection is a security vulnerability where an attacker injects malicious XML content into an application, causing it to disclose sensitive information, execute arbitrary code, or perform unintended actions. This occurs when the application overlooks or fails to properly handle external entities within XML data, allowing attackers to exploit them for their benefit.

Requires login.