XPath Injection is an attack technique used to exploit applications that construct XPath (XML Path Language) queries from user-supplied input to query or navigate XML documents. The malicious XPath Injection input can lead to un-authorised access or exposure of sensitive information such as structure and content of XML document. It can be used directly by an application to query an XML document, as part of a larger operation such as applying an XSLT transformation to an XML document, or applying an XQuery to an XML document.
Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.
✕