Site icon API Security Blog

XML External Entity (XXE)

swift is vulnerable to XML External Entity (XXE) attacks. The vulnerability allows a remote authenticated attacker to access potentially sensitive data in S3 buckets by persuading the `S3 API` into returning arbitrary file contents from the host server.Read More

Exit mobile version