GUI testing wiki

❯

❯

XXE (XML external entities)

XXE (XML external entities)

Feb 27, 20261 min read

definition
XXE

Definition

An XML External Entity attacks is a class of attacks against an application that parses XML input.

This attacks happen when XML input comprising a link to an outer entity is processed by a bad configured XML parser. Can lead to:

disclosure of confidential data,
server side request fake,
rejection of service,
port scanning

References

Included in literature review, by (Onukrane, Skrodelis, et al., 2023)
Cited in QR-code exploitation, by (Averin, 2020)
Covered by a fuzzing tester, by (Neef, Kleissner, et al., 2024)

Graph View

Backlinks

OWASP Top 10 (2021)
Malicious QR-code threats and vulnerability of blockchain
What All the PHUZZ Is About. A Coverage-guided Fuzzer for Finding Vulnerabilities in PHP Web Applications
Navigating web application security. A survey of vulnerabilities and detection solutions

Created with Quartz v4.4.0 © 2026

GitHub
Discord Community