Joel O.joelodey.hashnode.dev·Apr 16, 2024Lab: Exploiting XInclude to retrieve filesLab Scenario: Our mission is to exploit XInclude through a web application's "Check stock" feature. By intercepting and manipulating a POST request, we intend to use XInclude to retrieve files from the server. Let's proceed with the solution: Interc...PortSwigger XML external entity (XXE) injectionxxeAdd a thoughtful commentNo comments yetBe the first to start the conversation.