Support
Dashboard
Dashboard

Documentation

API Reference

Start Here

What is CodeAnt?
Join Community

Setup

Github
Bitbucket
Gitlab
Azure Devops

Pull Request Review

Features
Customize Review
Quality Gates
Integrations

Scan center

Code Security
Code Quality
Cloud Security
Engineering Productivity

Integrations

Jira
Test Coverage
CI/CD

IDE

Setup
Review
Enhancements

Rule Reference

Compliance
Anti-Patterns
Code Governance
Infrastructure Security Database
Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Csharp
- Dockerfile
- Elixir
- Fingerprints
- Generic
- Go
  - Aws-lambda
  - Gin
  - Gorilla
  - Gorm
  - Grpc
  - Jwt-go
  - Lang
    - Best practice
    - Correctness
    - Correctness
    - Maintainability
    - Memory
    - Security
    - Security
      - Audit
      - Audit
        Crypto
        Database
        Net
        Sqli
        Xss
        Xxe
      - Injection
  - Net
  - Otto
  - Secrets
  - Template
- Html
- Java
- Javascript
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
- Terraform
- Typescript
- Yaml

Resources

Open Source
Blogs

Audit

Xxe

parsing-external-entities-enabled

Detected enabling of “XMLParseNoEnt”, which allows parsing of external entities and can lead to XXE if user controlled data is parsed by the library. Instead, do not enable “XMLParseNoEnt” or be sure to adequately sanitize user-controlled data when it is being parsed by this library.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-611: Improper Restriction of XML External Entity Reference
OWASP:
- A04:2017 - XML External Entities (XXE)
- A05:2021 - Security Misconfiguration

Xss Injection

twitter linkedin

Powered by Mintlify

Assistant

Responses are generated using AI and may contain mistakes.