References
- PortSwigger: XXE
- Gaining Filesystem Access via Blind OOB XXE
- From blind XXE to root-level file read access
- Out-of-band XXE in PrizmDoc (CVE-2018-15805)
- Blind XML External Entities Out-Of-Band Channel Vulnerability: PayPal Case Study
- XXE in Uber to read local files
- GSA File Server - ASIS CTF Finals 2017
- http://nerdint.blogspot.com/2016/08/blind-oob-xxe-at-uber-26-domains-hacked.html
- Detecting and Exploiting XXE in SAML
- How we got read access on Google’s production servers
- Full Local File Read via Error Based XXE using XLIFF File
- Out of Band XXE in an E-commerce IOS app
- h1{Error based XXE - bug bounty writeup}
- XXE-scape through the front door: circumventing the firewall with HTTP request smuggling
- $5,005 worth vulnerability Duplicated, How I lose $5,005 in a day? Denial of Service - Billion LAUGH Attack (XXE)
- Exploiting Out Of Band XXE using internal network and php wrappers
- Exploiting XXE with local DTD files
- XSS to XXE in Prince v10 and below (CVE-2018-19858)
- An interesting XXE in SAP.
- OOB XXE in PrizmDoc (CVE-2018-15805)
- SOAP-Based Unauthenticated Out-of-Band XML External Entity (OOB-XXE) in a Help Desk Software
- XXE in IBM’s MaaS360 Platform
- XXE at Bol.com
- How I Found CVE-2018-8819: Out-of-Band (OOB) XXE in WebCTRL
- From RSS to XXE: feed parsing on Hootsuite
- 0day writeup: XXE in uber.com