Input Validation Error Medium Vega has detected that it may be possible to corrupt the structure of a server-side XML document. This could affect the logic of the application, depending on how the XML document is used. An XML injection vulnerability can lead to a loss of integrity of the data used or stored by the application. XML may be an injection vector that bypasses content filters (e.g. including javascript in a CDATA section). Vega has detected a possible XML injection vulnerability. XML injection can occur when externally supplied data that has not been sufficiently validated is used to create an XML document. It is possible for this data to corrupt the structure of the documents. The possible consequences depend on the XML document and what it is used for. Developers should investigate the code to manually verify that an XML injection vulnerability does exist. Characters that can be interpreted as XML should be filtered. XML Injection (OWASP) Testing for XML Injection (OWASP) XML Injection (WASC)