XML External Entity - XXE Attack
XXE is a web-based vulnerability that enables an adversary to interfere with XML data processes in a web application. An XXE attack can be carried out by exploiting the way in which XML parses data. An XXE attack can lead to - denial of service (DoS), server-side request forgery (SSRF), local file inclusion (LFI), directory traversal, remote code execution (RCE), network port scanning. There are two types of XXE attacks:...