🛡 INJECTION INTERMEDIATE +100 XP · +45 no-hint bonus

XXE — External Entity File Read

DocParse accepts XML uploads and parses them with external entities enabled. Inject an external entity reference that reads /etc/passwd from the server's filesystem.

https://bookshop.local/search