We will start this section by telling you that XML External Entities (XXE) are the fourth web application security risk in the OWASP top ten.
Before we dig in there are some basic concepts that you should first know. First of all you need to know what is XML. You'll find a goo definition and extra information about XML: XML Overview
Now that you know what XML is, now you need to know some basic syntax in order for you to understand the code you are reading, using or writing. In the same course you'll find: XML Syntax
We also need to understand what is a XML document: XML Documents
Also what is a declaration: XML Declaration
XML CDATA sections: XML CDATA Sections
This is very important!. XML - DTDs: XML - DTDs
You should also need to know what are the common structure followed by XML. XML Tree Structure
That should do it for now, in the learning section you'll learn more about XML but for now that should be enough. We really recommend you to read all the course, the course is not that big and you'll learn more about a language commonly used. Let's get to it!.