Skip to main content
All CollectionsIndigo Product Security and Management
Protection against XML External Entities (XXE)
Protection against XML External Entities (XXE)
Marie Claire Saliba avatar
Written by Marie Claire Saliba
Updated over 9 months ago

An XML External Entity Attack (XXE) is one that attacks an application that processes XML files. XML files are commonly used for SEPA files, especially for direct credit files. It is no wonder that, as a payroll software, Indigo must ensure that these kinds of files are processed securely.

To protect you and your SEPA file exports, we secure Indigo’s XML processors by

  1. closing off the system to external XML entities;

  2. document type definition (DTD).

These two processes are run internally within Indigo.


You can further protect against XXE attacks:


Did this answer your question?