XML Injection occurs when an attacker inserts malicious XML data into a web application's processing function. This happens when an application accepts user input and fails to properly validate or sanitize it before it is processed by an XML parser.

Attackers use XML metacharacters like <, >, and & to manipulate the structure of an XML document. For example, they might inject a new user with administrator privileges into a registration form that stores data in an XML database.

Common Types:

- A denial-of-service (DoS) attack that uses recursive entity expansion to overwhelm server resources like CPU and memory.
- Targets applications using XPath queries to retrieve data; attackers can bypass authentication or extract sensitive info.
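The registration-form case described above, as an added example that is not code from the original page: a record built by string concatenation next to the same record built through the XML API, which serializes <, > and & in values as entities. The function names, the `<users>` layout and the sample input are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

EMPTY_DB = "<users></users>"  # assumed storage layout for the example

# Constructed sample input: a "name" field whose markup closes the name
# element early and supplies its own role element.
HOSTILE_NAME = "eve</name><role>admin</role><name>x"


def register_unsafe(db_xml, name):
    """'Before' form: the field value is pasted into the document as raw text,
    so any metacharacters in it become document structure."""
    record = f"<user><name>{name}</name><role>user</role></user>"
    return db_xml.replace("</users>", record + "</users>")


def register_safe(db_xml, name):
    """Hardened form: nodes are created through the XML API, so the value is
    stored as character data and <, > and & are escaped on serialization."""
    root = ET.fromstring(db_xml)
    user = ET.SubElement(root, "user")
    ET.SubElement(user, "name").text = name
    ET.SubElement(user, "role").text = "user"  # role is set server-side only
    return ET.tostring(root, encoding="unicode")


def roles(db_xml):
    """Read back (name, role) per user the way a first-match lookup would."""
    root = ET.fromstring(db_xml)
    return [(u.findtext("name"), u.findtext("role")) for u in root.iter("user")]


if __name__ == "__main__":
    for register in (register_unsafe, register_safe):
        stored = register(EMPTY_DB, HOSTILE_NAME)
        print(register.__name__, "->", stored)
        print("  parsed as:", roles(stored))
```

In the hardened form the hostile string survives only as the literal text of the name field; an allow-list on the field's characters before storage would reject it outright.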