XML External Entity Injection
Tags
| attack-pattern: | Data Javascript - T1059.007 Python - T1059.006 Server - T1583.004 Server - T1584.004 |
Common Information
| Type | Value |
|---|---|
| UUID | 6e114177-54d1-4c50-88ac-3554782b1555 |
| Fingerprint | 940b1d90e5a764b5 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | June 16, 2023, 2:23 p.m. |
| Added to db | June 16, 2023, 5 p.m. |
| Last updated | Nov. 17, 2024, 6:30 p.m. |
| Headline | XML External Entity Injection |
| Title | XML External Entity Injection |
| Detected Hints/Tags/Attributes | 31/1/13 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4 | vk9-sec.com |
|
| Details | Domain | 180 | readme.md |
|
| Details | Domain | 62 | test.com |
|
| Details | Domain | 2 | learn.snyk.io |
|
| Details | Domain | 150 | www.w3.org |
|
| Details | 11 | test@test.com |
||
| Details | IPv4 | 88 | 169.254.169.254 |
|
| Details | IPv4 | 25 | 172.17.0.1 |
|
| Details | Url | 1 | https://vk9-sec.com/xml-external-entity-xxe-injection |
|
| Details | Url | 1 | https://learn.snyk.io/lessons/ssrf-server-side-request-forgery/javascript |
|
| Details | Url | 1 | http://172.17.0.1/malicious.dtd |
|
| Details | Url | 1 | http://172.17.0.1/?file=%file |
|
| Details | Url | 3 | http://www.w3.org/2001/xinclude |