This paper describes a Blind XPath Injection attack that enables an attacker to extract a complete XML document used for XPath querying, without prior knowledge of the XPath query.
e7b01772daac419ef8451d1e2780969c
© 2020 Packet Storm. All rights reserved.