XXE and .Net
Posted by James Jardine on May 26, 2016 · Comments Off on XXE and .Net
Filed under: Development, Security
Filed under: Development, Security
XXE, or XML External Entity, is an attack against applications that parse XML. It occurs when XML input contains a reference to an external entity that it wasn't expected to have access to. Through this article, I will discuss how .Net handles XML for certain objects and how to properly configure these objects to block ...