Playing with Content-Type – XXE on JSON Endpoints

Many web and mobile applications rely on web services communication for client-server interaction. Most common data formats for web services are XML, whether SOAP or RESTful, and JSON. While a web service may be programmed to use just one of them, the server may accept data formats that the developers did not anticipate. This may … Continue reading Playing with Content-Type – XXE on JSON Endpoints