XML Security in Java
XML Security in Java
semgrep.dev XML Security in Java
In this blog post, you can read just how much of a mess Java XML security is
You're viewing a single thread.
All Comments
6 comments
Most of the vulnerabilities in SAML are derived by the fact that XML it’s always a nightmare to parse… I wonder why people keep using it.
2 0 ReplyHistorical decisions seem to be the most common reasons
2 0 ReplyYes, but usually “historical decisions” is an acronym for “we are not able to manage that because we designed our systems in the worst possible way”
1 0 Reply… and those decisions are sometimes rooted in "we don't have the people and/or money to spend on a new development in this module."
And everyone else is stuck either accepting that or spending the resources to ameliorate the situation. :/
2 0 ReplyDefinitely
1 0 Reply
6 comments
Scroll to top