XML External Entity vulnerability detected.
- Rule ID: go_lang_xml_external_entity_vulnerability
- Languages: go
- Source: xml_external_entity_vulnerability.yml
Avoid parsing untrusted data as XML. Such data could include URIs that resolve to resources that are outside of the current context, leading to XML External Entity (XXE) injection.
❌ Do not enable parsing of external entities.
OWASP Top 10
To skip this rule during a scan, use the following flag
bearer scan /path/to/your-project/ --skip-rule=go_lang_xml_external_entity_vulnerability
To run only this rule during a scan, use the following flag
bearer scan /path/to/your-project/ --only-rule=go_lang_xml_external_entity_vulnerability
Ready to take the next step? Learn more about Bearer Cloud.