Goldshlager highlights the similitude of the XML quadratic blowup attack with the Billion Laughs attack, it basically exploits the use of entity expansion, this means that it replicates one large entity using a couple thousand characters repeatedly.
“A medium-sized XML document of approximately two hundred kilobytes may require anywhere within the range of one hundred MB to several GB of memory. When the attack is combined with a particular level of nested expansion, an attacker is then able to achieve a higher ratio of success.”
In the following example provided by the expert, if the attacker defines the entity “&x;” as 55,000 characters long, and uses this entity 55,000 times inside the XML “DoS” element, the parser will expand to 2.5 GB the document causing the saturation of resources of targeted website.
<?xml version=”1.0″?> <!DOCTYPE DoS [!<ENTITY a "xxxxxxxxxxxxxxxxx...">]> <DoS>&x;&x;&x;&x;&x;&x;&x;&x;&x;…</DoS>
Following a video Proof of Concept of the attack on WordPress published by Goldshlager, while the PoC Exploit: (128MB Memory limit) is available at the address below
https://drive.google.com/file/d/0B2-5ltUODX1Lc3pGV0FjbUk4bjA/edit?usp=sharing
(Security Affairs – Drupal, WordPress, hacking)
A new threat actor, UAT-9921, uses the modular VoidLink framework to target technology and financial…
Attackers quickly targeted BeyondTrust flaw CVE-2026-1731 after a PoC was released, enabling unauthenticated remote code…
Google says nation-state actors used Gemini AI for reconnaissance and attack support in cyber operations.…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration…
Hackers accessed data from 6.2 million Odido accounts, exposing names, contacts, bank details, and ID…
A May 2025 cyberattack on ApolloMD exposed the personal data of over 626,000 patients linked…
This website uses cookies.
