You're very welcome! We are very glad you find it helpful! Thanks a lot from @hacksplained for your words!

Wuoy! Go to toilet if you will pee

Wuoy! Stick your hands out so I can see the bigger areas of you

Thank you very much for your feedback! We are glad, we could help!

😂

LOL

So nice of you! Keep on hunting!

不客气

我不得不使用谷歌翻译，但是是的，他的视频很好。但他的“打嗝”这个词实际上听起来像是打了个饱嗝。

Our pleasure! 🥰

You are so welcome!

Ooooo interesting! I guess it would depend how it's processed, e.g. is the user input safely sanitised/processed and then the response is returned in JSON.. OR, if the input is inserted into XML, processed unsafely and then the output returned..

@@intigriti thanks will check and report back

@@intigriti so the request itself has a content type of application/x-www-form-urlencoded , while the response which contains the value of the submitted param is xml ... any clue with this weird mix?

Welcome aboard! Glad you enjoyed this one!

Very welcome! 💜

There you go! :) Start searching for them 💪

It is! It's still ranked #5 in the current OWASP Top 10 - blog.intigriti.com/hackademy/xml-external-entity-processing-xxe/

@@intigriti ok. but i see json most of the time instead of xml

🏎