← Cybersecurity Alphabet Soup

XXE

XML External Entity

attacksmedium

An XML External Entity attack abuses XML parsers that process external entity references embedded in submitted documents. Attackers can use it to read local files, probe internal networks, or cause denial of service. It matters because XML is still widely used in enterprise integrations, and the fix is simply disabling external entity processing in the parser.

Sources

More in attacks