XXE Injection 8
- Exploiting XXE via image file upload
- Exploiting XInclude to retrieve files
- Exploiting blind XXE to retrieve data via error messages
- Exploiting blind XXE to exfiltrate data using a malicious external DTD
- Blind XXE with out-of-band interaction via XML parameter entities
- Blind XXE with out-of-band interaction
- Exploiting XXE to perform SSRF attacks
- Exploiting XXE using external entities to retrieve files