XML Injection Attack

From Guidance Share

Description

An attacker supplies malicious input that the application uses to build XML, so that the input is interpreted as document structure rather than as data. (See also XPath injection attacks.)


Vulnerabilities

  • Inappropriate or lacking schema validation
  • Dynamic XML generation using untrusted input


Countermeasures

  • Validate schema against a defined XSD
  • Perform context-sensitive encoding of untrusted input using an encoding library (e.g., IOSec)
  • Untrusted input should be validated against an inclusion list before use (e.g., RegEx pattern, primitive type casting, domain constraint, etc.)
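The following is an added example, not code from Guidance Share: it contrasts dynamic XML generation from untrusted input (string concatenation) with an XML API that encodes text content, and adds an inclusion-list check. The field names, the username pattern and the sample input are constructed for illustration; XSD schema validation is assumed to happen separately, since the standard library offers none.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample input: a "username" carrying XML markup. A builder that
# concatenates strings will treat it as structure, not as a name value.
MALICIOUS_NAME = "alice</name><role>admin</role><name>"


def build_user_xml_vulnerable(name: str, role: str = "user") -> str:
    """Dynamic XML generation using untrusted input (the vulnerable pattern)."""
    return f"<user><name>{name}</name><role>{role}</role></user>"


def build_user_xml_safe(name: str, role: str = "user") -> str:
    """Same document built through an XML API, which encodes text content
    (e.g. '<' becomes '&lt;'), so the input can only ever be data."""
    user = ET.Element("user")
    ET.SubElement(user, "name").text = name
    ET.SubElement(user, "role").text = role
    return ET.tostring(user, encoding="unicode")


# Inclusion list for the hypothetical username field: only these characters
# and lengths are accepted before the value is used anywhere.
USERNAME_PATTERN = re.compile(r"[A-Za-z0-9_.-]{1,32}")


def is_allowed_username(name: str) -> bool:
    """Inclusion-list validation: accept only values matching the pattern."""
    return USERNAME_PATTERN.fullmatch(name) is not None


def roles_in(xml_text: str) -> list[str]:
    """Parse the document and return the roles a consumer would see."""
    root = ET.fromstring(xml_text)
    return [r.text for r in root.findall("role")]


def name_in(xml_text: str) -> str:
    """Return the name text a consumer would see after parsing."""
    return ET.fromstring(xml_text).findtext("name")
```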