
XML-Injection



How it works

The system uses XML in some way: this can be an XML database, an API accepting XML, and so on. The idea of XML injection is to poison such a communication by hijacking the XML document, forcing the system to behave differently than expected.

Risks

The risk of XML injection lies in APIs being unable to parse XML documents because they are no longer valid.

Techniques to use vulnerabilities

XML injections are caused by abusing XML metacharacters. These include:

  • Single Quote '
  • Double Quote "
  • < and >
  • Comments <!-- -->
  • The & character, which signals a reference to an XML entity
  • CDATA sections

With this we can perform various attacks:

Protect

Validate incoming XML. Deny XML documents containing unwanted or unknown content. Validate fields read from the XML structure and escape metacharacters. Validate your inputs :)
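
The two measures above (escaping metacharacters when writing a field, and denying documents with unwanted or unknown content when reading) shown side by side in Python. This is an added example, not code from the original page; the user/name/role document layout, the function names and the sample inputs are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

# Constructed sample inputs containing the metacharacters listed above.
SAMPLE_AMP = "Tom & Jerry"
SAMPLE_TAGS = "a</name><role>admin</role><name>b"

def build_unsafe(name):
    # Weak form: untrusted text is pasted straight into the markup.
    return "<user><name>" + name + "</name><role>guest</role></user>"

def build_escaped(name):
    # Escape &, < and > plus both quote characters before concatenating.
    safe = escape(name, {"'": "&apos;", '"': "&quot;"})
    return "<user><name>" + safe + "</name><role>guest</role></user>"

def build_with_api(name):
    # Preferred form: the XML library serialises the value as text.
    user = ET.Element("user")
    ET.SubElement(user, "name").text = name
    ET.SubElement(user, "role").text = "guest"
    return ET.tostring(user, encoding="unicode")

EXPECTED_CHILDREN = ["name", "role"]  # hypothetical layout: exact order, no extras

def validate(document):
    """Return the parsed fields, or None if the document is denied."""
    try:
        root = ET.fromstring(document)
    except ET.ParseError:
        return None  # no longer valid XML: deny
    if root.tag != "user" or [c.tag for c in root] != EXPECTED_CHILDREN:
        return None  # unknown, missing or duplicated elements: deny
    if any(len(c) for c in root):
        return None  # a field must hold text only, no nested elements
    return {c.tag: c.text or "" for c in root}

def role_count_without_validation(document):
    # What a reader that skips validation sees: number of <role> elements.
    return len(ET.fromstring(document).findall("role"))

if __name__ == "__main__":
    for sample in (SAMPLE_AMP, SAMPLE_TAGS):
        print(repr(sample))
        print("  unsafe  ->", validate(build_unsafe(sample)))
        print("  escaped ->", validate(build_escaped(sample)))
        print("  api     ->", validate(build_with_api(sample)))
```

With escaping in place the metacharacters arrive as plain field text, while the unescaped documents are either unparseable or carry a second role element and are denied by the structure check.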

More on XML Security:

