mirror of
https://github.com/carlospolop/hacktricks.git
synced 2023-12-14 19:12:55 +01:00
GitBook: [master] one page modified
This commit is contained in:
parent
2dd6d8ff0e
commit
87e77dac9f
|
@ -5,6 +5,8 @@ The transformation can be done in the server or in the browser\).
|
|||
|
||||
The most used frameworks are: **Libxslt** \(Gnome\), **Xalan** \(Apache\) and **Saxon** \(Saxonica\).
|
||||
|
||||
In order to exploit this kind of vulnerability you need to be able to store xsl tags in the server side and then access that content. An example of this kind of vulnerability can be found on [https://www.gosecure.net/blog/2019/05/02/esi-injection-part-2-abusing-specific-implementations/](https://www.gosecure.net/blog/2019/05/02/esi-injection-part-2-abusing-specific-implementations/)
|
||||
|
||||
## Fingerprint
|
||||
|
||||
Upload this and take information
|
||||
|
|
Loading…
Reference in a new issue