greprules.io
Sign inSubmit rule
Explore/gitlab-sast-rules-lgpl-javascript-xml-rule-xxe-expat

Xml Xxe Expat

Make sure that unverified user data can not reach the XML Parser, as it can result in XML External or Internal Entity (XXE) Processing vulnerabilities.

IndexedPublic repositoryHighMedium confidenceVerifiedLGPL-3.0-onlyjavascript
greprules fetch gitlab-sast-rules-lgpl-javascript-xml-rule-xxe-expat --engine opengrep

Description

Make sure that unverified user data can not reach the XML Parser, as it can result in XML External or Internal Entity (XXE) Processing vulnerabilities.

Detection target

Not provided

Recommended fix

Not provided

False-positive notes

Not provided

License
LGPL-3.0-only
Source context
Public repository
Validation status
Verified
Trust signals
104 downloads0 direct104 via packs
· 0 stars · Trust score 91How trust works
Included packs
2 packs

Community feedback

Sign in to report false positives, mark this rule useful, or suggest metadata improvements.

Mark usefulReport false positiveSuggest metadata