I’m zi0black, Security Researcher and Penetration Tester at Shielder. I love to turn IoT devices in expensive paperweights.
By thezero & zi0black
24/10/2019
Don’t open that XML: XXE to RCE in XML plugins for VS Code, Eclipse, Theia, …
The LSP4XML library used by many IDE and editors was affected by an XXE which lead to RCE exploitable by just opening an XML file.
RCE XXE Exploit Writeup
6
Min
We use cookies to make sure you can have the best experience on our site. If you continue to use this site we will assume that you are happy with it.
