Improper Neutralization of Data within XPath Expressions ('XPath Injection') Archives

CWE-643 – Improper Neutralization of Data within XPath Expressions (‘XPath Injection’)

Description The software uses external input to dynamically construct an XPath expression used to retrieve data from an XML database, but it does not neutralize...

rocco

May 26, 2022May 26, 2022

Columbus Ransomware Attack Exposes Data of 500,000 Residents

Cybercriminals Exploit DocuSign APIs to Send Fake Invoices

Nigerian Handed 26-Year Sentence for Real Estate Phishing Scam

Google Researchers Claim First Vulnerability Found Using AI

US Says Russia Behind Fake Haitian Voters Video

Sophos Versus the Chinese Hackers

Supply Chain Attack Uses Smart Contracts for C2 Ops

UK Council Sites Recover Following Russian DDoS Blitz

Booking.com Phishers May Leave You With Reservations

Tag: Improper Neutralization of Data within XPath Expressions (‘XPath Injection’)

CWE-643 – Improper Neutralization of Data within XPath Expressions (‘XPath Injection’)