Definition

XPath injection

XPath injection is an attack targeting Web sites that create XPath queries from user-supplied data. If an application embeds unprotected data into an XPath query, the query can be altered so that it is no longer parsed in the manner originally intended. This can be done by bypassing the Web site authentication system and extracting the structure of one or more XML documents in the site.

This was last updated in June 2006

Continue Reading About XPath injection

Dig Deeper on Internet Application Security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCloudComputing

SearchAppArchitecture

SearchITOperations

SearchAWS

Close