Joel O.joelodey.hashnode.dev·Apr 29, 2024Lab: Exploiting XXE using external entities to retrieve filesLab Scenario: Our mission is to exploit XXE through a web application's "Check stock" feature, specifically using external entities to retrieve files. By intercepting and manipulating a POST request, we intend to use XXE to trigger the retrieval of s...8 likes·33 readsPortSwigger XML external entity (XXE) injectionxxeAdd a thoughtful commentNo comments yetBe the first to start the conversation.
