Review Note
Last Update: 04/27/2023 06:15 AM
Current Deck: Software Security
New Card (Unpublished)Currently Published Content
Front
Back
No published tags.
Pending Suggestions
Field Change Suggestions:
Front
Commit #1543
What are 6 defenses against XML attacks?
Back
Commit #1543Upgrade XML processors and libraries
Update SOAP version ≥ 1.2
Whitelisting, server-side input validation, sanitization
Verify that XML or XSL file upload functionality validates incoming XML using XSD schema validation or similar (?)
Code analysis tools
Disable XXE
In most Java XML parsers, XXE are enabled by default