Office for Mac Users Warned of Malicious SYLK Files
Researchers warn XML macros embedded in SYLK files can sidestep Microsoft Office for Mac protections. Continue reading Office for Mac Users Warned of Malicious SYLK Files
What I want to do is access the Content-Type header, which is placed under the Access-Control-Allow-Headers header, as I want to attempt to change JSON to XML on a web application I'm working on to check if it's vulnerable to XML… Continue reading Bypassing Access-Control-Allow-Headers header
Flaw in National Security Agency’s Ghidra reverse-engineering tools allows hackers to execute code in vulnerable systems. Continue reading New Bug Found in NSA’s Ghidra Tool
If you Google for an example of XXE injection you get something like this:
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE foo [
<!ELEMENT foo ANY >
<!ENTITY xxe SYSTEM "file:///dev/random" … Continue reading XML External Entity injection within the body of a document
I’ve been studying XXE attacks through Portswigger’s Web Security Academy. I stumbled upon a lab Exploiting blind XXE to exfiltrate data using a malicious external DTD.
In this lab an attacker has to define an entity within the XML request to … Continue reading What’s the use of an "extra" dynamic declaration in an external DTD blind XXE attack?
We have a legacy application on spring mvc and we have a web service exposed (SOAP protocol) for some reporting client app. This service was tested by a security team and the report indicates that the service is vulnerable to XSS attack. T… Continue reading Avoid cross site scripting in XML namespace
How would you read a large file by exploiting an XXE OOB vulnerability through HTTP? The file is very large and exceeds the limit of the URL (2048 characters). Any ideas?
Veracode reports that the below code is susceptible to CWE-611: Improper Restriction of XML External Entity Reference.
XslCompiledTransform transform = new XslCompiledTransform();
transform.Load(xslwithospath);
StringWriter … Continue reading CWE-611: Improper Restriction of XML External Entity Reference with XSL include
I am writing a lot of OVAL files and use pretty much the same objects and states, so I wanted to make them more flexible to manage. I used the oval_decomposition.py script from CISecurity and got a structure with files in different f… Continue reading CISecurity’s OVALRepo has decomposition module, but how to get the xml back afterwards? [on hold]
I’m modifying an ASPNET MVC 5 web site and a requirement is to allow users to upload an XML and PDF file.
The XML file will be used to layout text on the PDF based on variables coming from within the system.
I have a schema for the XML … Continue reading Risks of allowing users to upload PDF and XML files to be stored/retrieved from a DB (ASPNET MVC 5)