Open HavenDV opened 1 year ago
XmlDocument load is vulnerable to XXE attacks (XML external entity injection)
it can allow someone to perform SSRF attacks and read local files by sending an AMF request with XML data
Here is some more info that may help https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/quality-rules/ca3075
I don't remember exactly, I think not
XmlDocument load is vulnerable to XXE attacks (XML external entity injection)
it can allow someone to perform SSRF attacks and read local files by sending an AMF request with XML data
Here is some more info that may help https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/quality-rules/ca3075