From 643374e1d77141f537df49b146186e19eb6cc76e Mon Sep 17 00:00:00 2001 From: Swissky <12152583+swisskyrepo@users.noreply.github.com> Date: Wed, 5 Oct 2022 10:20:05 +0200 Subject: [PATCH] Add reference --- XXE Injection/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/XXE Injection/README.md b/XXE Injection/README.md index a6f5ffa..af91358 100644 --- a/XXE Injection/README.md +++ b/XXE Injection/README.md @@ -400,8 +400,6 @@ Assuming payloads such as the previous return a verbose error. You can start poi Your DTD code %local_dtd; ``` -[Payloads for Cisco and Citrix](https://mohemiv.com/all/exploiting-xxe-with-local-dtd-files/) - [Other payloads using different DTDs](https://github.com/GoSecure/dtd-finder/blob/master/list/xxe_payloads.md) @@ -651,3 +649,5 @@ UTF-7 encoding can be used as well to bypass UTF-8/UTF-16 rules. * [SynAck - A Deep Dive into XXE Injection](https://www.synack.com/blog/a-deep-dive-into-xxe-injection/) - 22 July 2019 - Trenton Gordon * [Synacktiv - CVE-2019-8986: SOAP XXE in TIBCO JasperReports Server](https://www.synacktiv.com/ressources/advisories/TIBCO_JasperReports_Server_XXE.pdf) - 11-03-2019 - Julien SZLAMOWICZ, Sebastien DUDEK * [XXE: How to become a Jedi](https://2017.zeronights.org/wp-content/uploads/materials/ZN17_yarbabin_XXE_Jedi_Babin.pdf) - Zeronights 2017 - Yaroslav Babin +* [Payloads for Cisco and Citrix - Arseniy Sharoglazov](https://mohemiv.com/all/exploiting-xxe-with-local-dtd-files/) +