iSEC Partners and Brad Hill are pleased to announce the availability of a new whitepaper describing design flaws and new attacks against the XML Digital Signature and XML Encryption standards. It accompanies recent advisories and provides detailed guidance for auditors and implementers of these products.
You can download it from the following link: https://packetstormsecurity.com/files/download/57714/XMLDSIG_Command_Injection.pdf
Source: https://packetstormsecurity.com/files/57714/XMLDSIG_Command_Injection.pdf.html