Browsing tag: XXE

When it comes to XXE issues, hackers have multiple ways to take advantage of WAF configurations. We are going to show you four ways hackers trick WAFs, sneaking XXE issues past their defenses.

4 hacker XXE methods for bypassing WAFs:

- Extra document spaces
- Invalid format
- Exotic encodings
- One doc: two types of encoding

Once you understand the issue, you should be able to restore the fire to your defenses. We will show you how. A little background on XXE…

With all the time and resources we allocate to finding application vulnerabilities, it’s easy to forget that third-party libraries and software can introduce vulnerabilities into our applications as well. Hackers know this and they try to exploit them. In this blog post, we will illustrate a vulnerability found within one of the LinkedIn services. The security issue was discovered in December 2015 and was fixed within 24 hours by the LinkedIn team. What is XXE…