What is?
XML External Entity (XXE) Injection
An injection flaw that exploits XML parsers to disclose files, SSRF, or execute code.
Disable dangerous XML features and prefer safer data formats to prevent XXE.
- Parser hardening
- Input validation
- SSRF mitigation
Explore More