Open chushuai opened 4 months ago
https://portswigger.net/academy/labs/launch/1ad475bf32f0d913c25ead9582f05687c1ad039228d0a3c8d56c768fd2250a2b?referrer=%2fweb-security%2fxxe%2fblind%2flab-xxe-with-out-of-band-interaction
{ "url": "https://0aec003c031cb2b3809f12cf00dd00b7.web-security-academy.net/product/stock", "method": "POST", "headers": { "Accept": "*/*", "Accept-Encoding": "gzip, deflate, br", "Accept-Language": "en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7", "Connection": "keep-alive", "Content-Length": "108", "Content-Type": "application/xml", "Cookie": "session=RFiaEfxkxJB5m1AUxrkby5o2cec87SkG", "Origin": "https://0aec003c031cb2b3809f12cf00dd00b7.web-security-academy.net", "Referer": "https://0aec003c031cb2b3809f12cf00dd00b7.web-security-academy.net/product?productId=17", "Sec-Ch-Ua": "\" Not;A Brand\";v=\"99\", \"Google Chrome\";v=\"97\", \"Chromium\";v=\"97\"", "Sec-Ch-Ua-Mobile": "?0", "Sec-Ch-Ua-Platform": "\"Linux\"", "Sec-Fetch-Dest": "empty", "Sec-Fetch-Mode": "cors", "Sec-Fetch-Site": "same-origin", "User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.99 Safari/537.36" }, "data": "<?xml version=\"1.0\" encoding=\"UTF-8\"?><stockCheck><productId>17</productId><storeId>1</storeId></stockCheck>", "source": "" }
https://portswigger.net/academy/labs/launch/1ad475bf32f0d913c25ead9582f05687c1ad039228d0a3c8d56c768fd2250a2b?referrer=%2fweb-security%2fxxe%2fblind%2flab-xxe-with-out-of-band-interaction