🎯 XML External Entity (XXE) Injection Payload List

This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a playground to teach or test with Vulnerability scanners / WAF rules / Secure Configuration settings.

Oracle Attip XML Entity Exploit

Another way(as an extension) to fix CVE-2024-34102(XXE vulnerability) with extra XML Security enhancement. If you cannot upgrade Magento or cannot apply the official patch, this one is an alternative solution.

A replacement of `\Magento\Framework\Xml\Security` for Magento 2 with enhanced XML Security.