https://www.vsecurity.com//download/publications/XMLDTDEntit...
Granted, most modern parsers disable the features that can trigger this by default. But there's still a lot of code out there compiled against libraries that did not, and some of that code is still updated and extended today.
https://www.vsecurity.com//download/publications/XMLDTDEntit...
Granted, most modern parsers disable the features that can trigger this by default. But there's still a lot of code out there compiled against libraries that did not, and some of that code is still updated and extended today.