Testing for XPath Injection
OWASP Web Security Testing Guide 4.2 > 7. Data Validation Testing > 7.9. Testing for XPath Injection
ID | Link to Hackinglife | Link to OWASP | Description |
---|---|---|---|
7.9 | WSTG-INPV-09 | Testing for XPath Injection | - Identify XPATH injection points by checking for XML error enumeration by supplying a single quote ('): Username: ‘ or ‘1’ = ‘1 Password: ‘ or ‘1’ = ‘1 |