New XML technique! Encode any DTD/XML inside an internal entity, and fly under WAF radars!
? XXE WAF Bypass
? Works when there is no XXE, but there is a vuln in the XML body, e.g. SQL Injection
#ptswarmTechniques https://t.co/szO26kwcZj
Subscribe for the latest news: