English
•
Deutsch
•
Français
•
Nederlands
•
Español
•
Italiano
•
Português
•
Русский
•
日本語
•
中文
•
한국어
•
తెలుగు
•
मराठी
•
தமிழ்
•
Türkçe
•
Ελληνικά
•
Polski
•
Čeština
•
Magyar
•
Svenska
•
Dansk
•
Suomi
•
Українська
•
العربية
•
Indonesia
XML Entity Injection Attack
XML Entity Injection Attack ek security vulnerability hai jiska istemaal attackers dwara kiya jaata hai application ke security ko breach karne ke liye. Ye vulnerability XML documents ke use ke dauraan exploit ki jaati hai.
Jab koi user input ko XML document mein bhejta hai aur is input mein special character jaise ki ‘<’ ya ‘>’, toh is input se ek XML entity create hoti hai. Attackers is vulnerability ka fayda uthate huye iss entity ko exploit karke sensitive information access kar sakte hai ya phir server ko control kar sakte hai.
Yeh vulnerability bhot serious hoti hai aur isse bachne ke liye humein apne applications ko sanitize karna hota hai taki koi bhi malicious user input humare application ko compromise na kar paaye.