Can XXE be exploited when disallow-doctype-decl is set to true (Apache)?

Çağlar Arlı

I found out that an endpoint of a website may be vulnerable to XXE. It is using Unmarshal as an XML parser. When I try to send a POST request using common XXE payloads, I receive the following response from the server:

[org.xml.sax.SAXParseException; lineNumber: 1; columnNumber: 54; DOCTYPE is disallowed when the feature \"http://apache.org/xml/features/disallow-doctype-decl\" set to true.]

Is there any payload that doesn't need the doctype declaration? Is it possible to exploit this XXE or not?
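
The parser setting named in that error, shown as an added example (not code from the post or from the site in question): a JAXP SAX reader with `disallow-doctype-decl` enabled, run over three constructed documents. The class name, method names and sample XML are assumptions made for illustration.

```java
import java.io.StringReader;
import javax.xml.parsers.SAXParserFactory;
import org.xml.sax.InputSource;
import org.xml.sax.SAXParseException;
import org.xml.sax.XMLReader;
import org.xml.sax.helpers.DefaultHandler;

public class DoctypeRejectionCheck {
    static final String DISALLOW_DOCTYPE =
        "http://apache.org/xml/features/disallow-doctype-decl";

    // Reader configured with the feature named in the server's error message.
    static XMLReader hardenedReader() throws Exception {
        SAXParserFactory f = SAXParserFactory.newInstance();
        f.setNamespaceAware(true);
        f.setFeature(DISALLOW_DOCTYPE, true);    // any <!DOCTYPE ...> is a fatal error
        // Defence in depth in case the first feature is ever switched off.
        f.setFeature("http://xml.org/sax/features/external-general-entities", false);
        f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        f.setXIncludeAware(false);               // already the JAXP default
        XMLReader r = f.newSAXParser().getXMLReader();
        DefaultHandler h = new DefaultHandler(); // its fatalError() rethrows the exception
        r.setContentHandler(h);
        r.setErrorHandler(h);
        return r;
    }

    // Parse one document and report whether the hardened reader accepted it.
    static String verdict(String xml) throws Exception {
        try {
            hardenedReader().parse(new InputSource(new StringReader(xml)));
            return "accepted";
        } catch (SAXParseException e) {
            return "rejected at column " + e.getColumnNumber() + ": " + e.getMessage();
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample documents; the entity is internal and harmless.
        String plain = "<order><id>1</id></order>";
        String withDoctype =
            "<!DOCTYPE order [<!ENTITY e \"x\">]><order><id>&e;</id></order>";
        String undeclared = "<order><id>&e;</id></order>";
        System.out.println("plain:      " + verdict(plain));
        System.out.println("doctype:    " + verdict(withDoctype));
        System.out.println("undeclared: " + verdict(undeclared));
    }
}
```

Only the first document is accepted: entity declarations live in the DTD, so once the DOCTYPE is refused a document has nowhere to declare one, and a reference to an undeclared entity is itself a well-formedness error.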