XSL(Extensible Stylesheet Language) is use on websites that use XML as its main data source. XSL sometimes
known as XSLT is typically used to render XML data into HTML(hypertext markup language) which displays a web
page to the user. The danger of this can be that a hacker can pass in their own XSL file to the XML data
source which not only gives the hacker the ability to control the output style of the content but they will
also be able to filter and insert custom content to be display inside a website that will look and feel
authentic to the visitor.
WebSafe will test for Remote XSL Inclusion attacks:
By attempting to include a custom XSL file to any data sources suspected of serving XML data we can test
whether a website is vulnerable.