• Tags
access
administrators
analysis
and
API
Application
architects
architecture
(ASM)
assessment
(AST)
Attack
attacks
auditing
automation
awareness
beginners
best
box
Browser
career
center
Cloud
Code
coding
compliance
composition
Container
Cross-site
culture
cycle
(DAST)
Data
Database
Denial-of-service
developers
development
DevSecOps_longer
(DLP)
(DoS)
Dynamic
education
Embedded
Encryption
engineering
engineers
Enterprise
escalation
event
everyone
executives
exploit
Extensible
firewall
for
Fuzz
governance
Grey
(IAM)
Identity
In-memory
incident
information
InfoSec
injection
Input
Integration
intelligence
interface
IT
language
life
loss
Malware
management
managers
markup
metrics
Mobile
modeling
monitoring
Network
Object-oriented
(OOP)
Open
Operating
operations
(OWASP)
Password
Phishing
Physical
policy
practices
prevention
Privilege
professionals
programming
project
protection
Ransomware
(RASP)
response
review
Risk
Runtime
(SAST)
(SCA)
scripting
(SDLC)
Secure
security
security_longer
self-protection
Side-channel
(SIEM)
(SOC)
software
Static
surface
system
systems
testers
testing
Threat
training
trust
validation
vulnerability
(WAF)
(WAST)
weaknesses
web
Wireless
(XML)
(XSS)
Zero
Zero-day

XML Injection: A Dangerous Vulnerability

XML injection is a type of attack that can be used to exploit vulnerabilities in web applications that process XML data. In an XML injection attack, an attacker can insert malicious XML code into an XML document that is sent to a web application. This malicious code can then be executed by the web application, allowing the attacker to gain unauthorized access to the application or its data. XML injection attacks can be used to perform a variety of malicious activities, including:

March 27, 2022 Read

Object-oriented programming (OOP) injection: A threat to your code

In object-oriented programming (OOP), classes are used to represent real-world objects. Classes have attributes, which represent the properties of an object, and methods, which represent the actions that an object can perform. OOP injection is a type of code injection attack that takes advantage of the way that classes are defined in OOP languages. In an OOP injection attack, an attacker injects malicious code into a class definition. This malicious code can then be executed when the class is instantiated.

August 31, 2021 Read