Kotlin

XML External Entity (XXE)

🐞 non-compliance
// Noncompliant code
/**
 * Echoes [input] to stdout exactly as it was received.
 *
 * This is the deliberately noncompliant variant: nothing is validated or
 * filtered before the value reaches the output, so whatever the caller
 * passes is printed verbatim (including any line breaks or markup it holds).
 *
 * @param input caller-supplied text, used as-is
 */
fun processInput(input: String) {
    val message = buildString {
        append("Processing input: ")
        append(input)
    }
    println(message)
}
✅ compliance
// Compliant code
/**
 * Prints [input] after dropping every character that is not a letter or digit.
 *
 * Only characters for which [Char.isLetterOrDigit] holds are kept; whitespace,
 * punctuation and symbols are removed before the value reaches stdout. An
 * empty or fully-filtered input prints just the prefix.
 *
 * NOTE(review): this character allow-list is not, by itself, an XXE
 * mitigation — XXE is addressed by how the XML parser is configured (DTD /
 * external-entity handling), which this snippet does not show; confirm that at
 * the point where the value is actually parsed.
 *
 * @param input caller-supplied text to be filtered before output
 */
fun processInput(input: String) {
    // Allow-list filter: keep letters and digits, discard everything else.
    val kept = StringBuilder(input.length)
    for (ch in input) {
        if (ch.isLetterOrDigit()) kept.append(ch)
    }
    println("Processing input: $kept")
}