What are the risks XXE represents?
By performing an XXE injection, attackers can view files on the application server's file system, or interact with any backend or external systems that the application itself can access.
In some cases, hackers can even cause Denial of Service (DoS), or escalate an XXE attack to compromise the underlying server or other backend infrastructure by leveraging the XXE vulnerability to perform server-side request forgery (SSRF) attacks.
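
A parser-side guard for the three risks named above, as an added example that is not part of the original page: it rejects a document at the entity declaration, before anything is resolved, and labels which risk the declaration maps to. The names `check_xml`, `EntityRejected` and `SAMPLES`, the placeholder URIs, and the policy of refusing every entity declaration are assumptions made for this example.

```python
import xml.parsers.expat
from urllib.parse import urlsplit

NETWORK_SCHEMES = {"http", "https", "ftp"}


class EntityRejected(ValueError):
    """Raised from an expat handler; .risk is file-read, ssrf or dos."""

    def __init__(self, risk, detail):
        super().__init__(f"{risk}: {detail}")
        self.risk = risk


def _external(system_id):
    # A network URI would make the parsing host issue the request (SSRF);
    # anything else would resolve on the server's own file system.
    scheme = urlsplit(system_id).scheme.lower()
    risk = "ssrf" if scheme in NETWORK_SCHEMES else "file-read"
    return EntityRejected(risk, system_id)


def check_xml(data: bytes) -> str:
    """Return "ok" for XML that declares no entities and no external DTD.

    Raises EntityRejected at the declaration, before anything is resolved.
    """
    parser = xml.parsers.expat.ParserCreate()

    def on_doctype(name, system_id, public_id, has_internal_subset):
        if system_id is not None:  # external DTD subset
            raise _external(system_id)

    def on_entity(name, is_param, value, base, system_id, public_id, notation):
        if system_id is not None:  # external general or parameter entity
            raise _external(system_id)
        # Internal entity: the building block of nested-expansion DoS.
        raise EntityRejected("dos", f"internal entity {name!r}")

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity
    parser.Parse(data, True)
    return "ok"


# Constructed sample documents; the URIs are placeholders, not real targets.
SAMPLES = {
    "plain": b"<order><id>7</id></order>",
    "local": b'<!DOCTYPE o [<!ENTITY e SYSTEM "file:///constructed/path.txt">]><o>&e;</o>',
    "remote": b'<!DOCTYPE o [<!ENTITY e SYSTEM "http://backend.example.invalid/">]><o>&e;</o>',
    "nested": b'<!DOCTYPE o [<!ENTITY a "x"><!ENTITY b "&a;&a;">]><o>&b;</o>',
}
```

Run `check_xml` on untrusted input before handing it to the application's real parser, and log the `risk` attribute of any `EntityRejected` so rejected documents can be triaged by class.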