Open itkaa opened 7 months ago
XPath injection is a vulnerability that arises when unsafe input is used in the construction of XPath query strings. Since XPath does not allow for data manipulation, exploiting an XPath injection vulnerability cannot result in unauthorised modification of the target XML document. However, depending on how the application uses the result of an XPath query, it may affect subsequent processing and allow unauthorised access to data or application functionality.
Tracking issue for: