IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [xml]

XML (Extensible Markup Language) is a set of rules for encoding documents in both human-readable and machine-readable form. Use this tag for security issues relating to the format itself, or where the fact that the data is xml-formatted is core to the question.

XML (Extensible Markup Language) is a set of rules for encoding documents in both human-readable and machine-readable form.

It is defined in the XML 1.0 Specification produced by the W3C, and several other related specifications, all gratis open standards.

77 questions
73
votes
6 answers

Why would I ever use AES-256-CBC if AES-256-GCM is more secure?

I guess the gist of my question is: Are there cases in which CBC is better than GCM? The reason I'm asking is that from reading this post by Matthew Green, and this question on cryptography stack exchange, and this explanation of an attack on XML…
The Quantum Physicist
  • 929
  • 1
  • 6
  • 9
65
votes
3 answers

Why do email programs block xml files?

A colleague sent a .xml file to me earlier today, which was blocked by Outlook. As we were discussing the workaround (put it in a .zip), we got to wondering why .xml files are blocked. My colleague reckons it's because the browser is the default…
KidneyChris
  • 685
  • 1
  • 5
  • 7
38
votes
8 answers

How to know whether a textfile has been edited or tampered with?

Is it possible to know whether a textfile, e.g. in XML format, has been edited or tampered with over time? The context to my question follows: I am a scientist in industry using a technology called 'mass spectrometry (MS)'. MS is an analytical…
Drew Gibson
  • 507
  • 4
  • 6
12
votes
4 answers

Execute a PHP function that returns an array from an XSL file

There is a security challenge where you have to execute code on the server to retrieve a flag, and this code has to be executed using an XSL document. So I found a way to make the server interpret my own XSL file, And I used the php:function…
Sidahmed
  • 639
  • 2
  • 9
  • 26
12
votes
1 answer

Is PHP loadXML vulnerable to XXE attack (and to other attacks)? Is there a list of vulnerable functions?

I have PHP code that uses the loadXML function (as well as other XML functions). Is the loadXML function vulnerable to XXE attack? Namely, if the XML contains external entities, will they be interpreted? Is this function vulnerable to other XML…
Gari BN
  • 485
  • 1
  • 6
  • 14
11
votes
1 answer

Public XSLT & XML playground (with PHP DOMDocument, etc.) Security Risks?

Let's say I want to set up a sandbox or playground in PHP that users can use to create (or paste in) XML and XSLT, then transform the XML via the XSLT (by means of PHP 5's DOMDocument and related objects). So, in a simple example, we'd have a form…
tex
  • 213
  • 1
  • 5
11
votes
3 answers

If an XML document is not validated as "Well Formed" or checked against a schema, what are the risks?

When processing an XML document in my application, what are the risks? E.g. if it is not "Well Formed" or is not checked against a schema.
Phoenician-Eagle
  • 2,167
  • 16
  • 21
11
votes
4 answers

Is this a weakness of enveloped XML signature?

There might be a problem in many applications based on XML signature verification (provided I am not wrong, of course). Let's have a simple XML message with an enveloped XML signature:
vojta
  • 356
  • 4
  • 16
8
votes
2 answers

Is XML encryption actually broken?

I recently stumbled on this post: XML Encryption Broken, Need To Fix W3C Standard I was expecting to find lots of information online about it, but there isn't actually all that much detail. Since I'm using WCF with lots of message level security…
JohnDoDo
  • 81
  • 2
8
votes
1 answer

Is .NET XmlSerializer.Deserialize(TextReader) safe?

Is the .NET method XmlSerializer.Deserialize(TextReader) safe from XML vulnerabilities (XXE, XmlBomb etc..)? Will the DTD be processed during deserialization? I can understand why XmlSerializer.Deserialize(XmlTextReader) can be unsafe if…
Nagarjuna Borra
  • 315
  • 2
  • 7
7
votes
1 answer

How can XML Injection be exploited , need example?

So I found this explanation for a vulnerability on some cms : The XML parser at /WorkArea/Blogs/xmlrpc.aspx is vulnerable to XML external entity attacks which can be used to Scan behind perimeter firewalls or possibly include files from the…
Daniel
  • 1,422
  • 3
  • 21
  • 32
6
votes
2 answers

Does anyone use XML Encryption?

The XML standard defines a mechanism for encrypting the data in a XML document. It's part of the standard. Does anyone use this XML encryption format? Are there any significant deployed systems that use XML encryption? Is it used in practice, or…
D.W.
  • 98,420
  • 30
  • 267
  • 572
6
votes
3 answers

How do I test and secure ASN.1 Parsers?

As far as I can tell, .NET doesn't have an ASN.1 parser for reading or writing data built in the framework. This means that any code that creates or verifies ASN.1 data is using a 3rd party library of varying quality. Bouncy Castle, and…
makerofthings7
  • 50,090
  • 54
  • 250
  • 536
5
votes
1 answer

How does a developer interact with Microsoft Certificate *Web Services*

Microsoft Certificate Web Services is a HTTPS web service (WS-Trust) that has no Kerberos dependency and can be used on a variety of devices. This is new in Windows 2008 and is separate from the browser based key request system that has existed in…
makerofthings7
  • 50,090
  • 54
  • 250
  • 536
5
votes
0 answers

Can XXE be exploited when disallow-doctype-decl is set to true (Apache)?

I found out that an endpoint of a website may be vulnerable to XXE. It is using Unmarshal as an XML parser. When I try to send a post request using common XXE payloads, I receive the following response from the…
Jyosk Natalm
  • 61
  • 3
1
2 3 4 5 6