This repository contains slides and demo material for my talk on the latest XML External Entity (XXE) vulnerability in Adobe Commerce and Magento. The purpose of these materials is purely educational, designed to inform developers, security professionals, and e-commerce stakeholders about this vulnerability, its potential impact, and how to safeguard against it.
- Slides: An overview of the vulnerability and how it works
- XXE demo: Demonstration how XEE work in general
- Exploit Demo: Demonstration of how the vulnerability can be exploited
This material is provided for educational purposes only. I am not liable for any damages resulting from the use or misuse of the information provided here. The techniques discussed and demonstrated should only be used in controlled environments for educational or ethical security research purposes.