Attacks and Threats

What is XML External Entity Injection (XXE)?

XML External Entity Injection (XXE) is a web security vulnerability that allows attackers to interfere with an application’s processing of XML data. Attackers exploit these vulnerabilities to view files on the application server file system, and to interact with any systems that the application can access.

Back to education center

Free Assessment

Security for Everyone that Visits Your Website

Find out if your web application is hiding vulnerable, malicious, or dangerous code that could damage your customers and your business. No payment information required.

What is XML External Entity Injection (XXE)?

Ensuring PCI DSS 4.0 Compliance with Feroot: A Deep Dive into Requirement 6.4.3

Patient Privacy: Preventing Data Leakage in Healthcare

Free Assessment

Security for Everyone that Visits Your Website

HQ

Follow Us

What is XML External Entity Injection (XXE)?

Related Resources

Ensuring PCI DSS 4.0 Compliance with Feroot: A Deep Dive into Requirement 6.4.3

Patient Privacy: Preventing Data Leakage in Healthcare

Free Assessment

Security for Everyone that Visits Your Website

HQ

Follow Us