XML Parser and XML External Entity
![[Deleted User]](https://community.decisions.com/applications/dashboard/design/images/defaulticon.png)
Does the XML parser Decisions uses have XML External Entity disabled by default?
Comments
-
The .NET XML features that Decisions uses are, by default, not vulnerable to XXE in .NET Framework 4.5.2 and above, and in .NET Core 2.1 and above (including .NET 5 and 6). Therefore, any somewhat recent version should be secure against XXE vulnerabilities.
Howdy, Stranger!
Categories
- 4.5K All Categories
- 86 General
- 13 Training
- 212 Installation / Setup
- 1.2K Flows
- 112 Rules
- 277 Administration
- 215 Portal
- 503 General Q & A
- 721 Forms
- 355 Reports
- 3 Designer Extensions
- 47 Example Flows
- 58 CSS Examples
- 1 Diagram Tile
- 8 Javascript Controls
- 189 Pages
- 5 Process Mining
- New Features
- 187 Datastructures
- 72 Repository
- 237 Integrations
- 30 Multi-Tenant
- 27 SDK
- 81 Modules
- 60 Settings
- 26 Active Directory
- 12 Version 7
- 36 Version 8
- 143 Lunch And Learn Questions