XML External Entity
XML External Entity, or XXE, occurs when an XML parser processes external entities without secure configuration. Attackers may exploit XXE to read local files, perform internal network requests, trigger SSRF-like behavior, or cause denial of service in vulnerable applications. XXE is especially relevant in systems that process XML uploads, SOAP APIs, document parsers, integrations, or legacy enterprise applications. Secure XML parser configuration and disabling external entity processing are key remediation steps.
XML Uploaded → External Entity Processed → Server File / Internal URL Accessed → Data Exposure Risk → External Entities Disabled
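An added example, not code from the original page: one way to apply the remediation with Python's standard library, building the tree from expat events while refusing any DOCTYPE, entity declaration or external entity reference. The function name, the exception class and both sample documents are constructed for illustration, and namespace handling is left out.

```python
import xml.etree.ElementTree as ET
from xml.parsers import expat


class ForbiddenXML(ValueError):
    """Raised when a document uses a construct this parser refuses."""


def parse_untrusted_xml(data: bytes) -> ET.Element:
    """Parse XML from an untrusted source; reject DTDs and entities outright."""
    builder = ET.TreeBuilder()
    parser = expat.ParserCreate()

    def forbid_doctype(name, sysid, pubid, has_internal_subset):
        # Fires before the internal subset is read, so no entity is ever defined.
        raise ForbiddenXML(f"DOCTYPE declaration not allowed: {name!r}")

    def forbid_entity(name, is_param, value, base, sysid, pubid, notation):
        # Defense in depth: also covers internal entities (expansion DoS).
        raise ForbiddenXML(f"entity declaration not allowed: {name!r}")

    def forbid_external_ref(context, base, sysid, pubid):
        # Defense in depth: never resolve a file or URL on the document's behalf.
        raise ForbiddenXML(f"external entity reference not allowed: {sysid!r}")

    parser.StartDoctypeDeclHandler = forbid_doctype
    parser.EntityDeclHandler = forbid_entity
    parser.ExternalEntityRefHandler = forbid_external_ref
    # Ordinary element and text events go straight into the tree builder.
    parser.StartElementHandler = builder.start
    parser.EndElementHandler = builder.end
    parser.CharacterDataHandler = builder.data
    parser.Parse(data, True)  # an exception raised in a handler propagates here
    return builder.close()


# Constructed sample inputs. The SYSTEM identifier is a placeholder path.
BENIGN = b'<order><item sku="A1">widget</item></order>'
WITH_EXTERNAL_ENTITY = (
    b'<?xml version="1.0"?>'
    b'<!DOCTYPE order [<!ENTITY ext SYSTEM "file:///constructed/placeholder">]>'
    b"<order><item>&ext;</item></order>"
)
```

Malformed input still raises `expat.ExpatError`, so callers should handle that alongside `ForbiddenXML`.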
