XML External Entities (XXE) is a dangerous vulnerability, currently ranked fourth (A4) in the OWASP Top Ten. Resolving this vulnerability should be a high priority for all Java developers.
- Demonstrate why XXE is so dangerous
- Show you how this vulnerability is typically resolved – in each and every place in the code that you parse an XML file
- Show you the better resolution – set a couple of system Java system properties once, and never worry about XXE again.
The video recording is published here.