Closed PeeHaa closed 5 years ago
We need to find out whether by default DOMDoc is vulnerable to XXE attacks.
If it is we need to either disable the entity loader entirely or replace entities before loading with entities under out control.
We need to find out whether by default DOMDoc is vulnerable to XXE attacks.
If it is we need to either disable the entity loader entirely or replace entities before loading with entities under out control.