ZAP – XSLT Injection

Details
Alert Id	90017
Alert Type	Active
Status	release
Risk	Medium
CWE	91
WASC	23
Technologies Targeted	All
Tags	OWASP_2017_A01 OWASP_2021_A03

Summary

Injection using XSL transformations may be possible, and may allow an attacker to read system information, read and write files, or execute arbitrary code.

Solution

Sanitize and analyze every user input coming from any client-side.

Other Info

References

https://www.contextis.com/blog/xslt-server-side-injection-attacks

Code

org/zaproxy/zap/extension/ascanrules/XsltInjectionScanRule.java