breakableflask Investigate updating XXE injection vulnerability to allow practical blind exploitation

Investigate updating XXE injection vulnerability to allow practical blind exploitation

Open stephenbradshaw opened this issue 4 years ago • 0 comments

Reminder to myself - look at other XML parsing libraries in Python to see if using something other than lxml will allow more practical/realistic blind exploitation of the vulnerability.

Oct 20 '20 00:10 stephenbradshaw

breakableflask breakableflask copied to clipboard

Investigate updating XXE injection vulnerability to allow practical blind exploitation

breakableflask
breakableflask copied to clipboard