XQuery Injection

XQuery Injection uses improperly validated data that is passed to XQuery commands. This in turn will execute commands on behalf of the attacker that the XQuery routines have access to. XQuery injection can be used to enumerate elements on the victim's environment, inject commands to the local host, or execute queries to remote files and data sources. Like SQL injection attacks, the attacker tunnels through the application entry point to target the resource access layer. XQuery Injection is a variant of the classic SQL injection attack against the XML XQuery Language.

Analyst Report

2022 State of API Security

Read this EMA report to understand why so many organizations have a false sense of security when it comes to APIs, how companies are documenting APIs, what they’re using them for, and best practices to keep them secure.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Radware Blog
Security Research Center
CyberPedia

XQuery Injection

2022 State of API Security

Contact Radware Sales

Already a Customer?

Get Social

Solutions

Free Assessment Tools

Products & Services

By Industry

Solutions

Products & Services

By Industry

Solutions

Products & Services

By Industry

Solutions

Products & Services

By Industry

Solutions

Products & Services

Documents

Events

Software Downloads

Security Research Center

Free Assessment Tools

XQuery Injection

2022 State of API Security

Contact Radware Sales

Already a Customer?

Get Social

What are you looking for?