
XML External Entity injection in xsd upload


I am uploading an XSD in my J2EE-based web application, which generates Java classes that are used later for processing. Uploading the XSD has been identified as exploitable for XML External Entity injection. I searched a lot of places and understood how it can be fixed for XML, but there is no clarity on XSD. Let me know if somebody has any idea on this.

Thanks in advance


Solution

  • There's nothing special for XSD here. An XSD document is just like any other XML document as far as this attack vector is concerned.
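
Following the answer's point, the uploaded XSD can be parsed with the same hardened settings used for any untrusted XML before it is handed to schema compilation or class generation. The sketch below is an added example, not code from the question or the answer; it assumes the JDK's built-in JAXP parser, and the class name `SafeXsdUpload`, the method `loadUntrustedXsd` and both sample schemas are constructed for illustration.

```java
import java.io.StringReader;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.validation.Schema;
import javax.xml.validation.SchemaFactory;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

public class SafeXsdUpload {

    // Hypothetical helper: treat the uploaded XSD as untrusted XML, then compile it.
    static Schema loadUntrustedXsd(String xsdText) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        // Reject any DOCTYPE: without a DTD there are no entity declarations to resolve.
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        dbf.setXIncludeAware(false);
        dbf.setExpandEntityReferences(false);
        Document doc = dbf.newDocumentBuilder()
                          .parse(new InputSource(new StringReader(xsdText)));

        SchemaFactory sf = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
        sf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        // JAXP 1.5 properties: an empty string allows no protocol, so the schema
        // compiler fetches neither external DTDs nor xs:import/xs:include targets.
        sf.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD, "");
        sf.setProperty(XMLConstants.ACCESS_EXTERNAL_SCHEMA, "");
        return sf.newSchema(new DOMSource(doc));
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample inputs: a minimal schema, and the same schema behind a DOCTYPE.
        String clean = "<xs:schema xmlns:xs='http://www.w3.org/2001/XMLSchema'>"
                     + "<xs:element name='order' type='xs:string'/></xs:schema>";
        String withDoctype = "<!DOCTYPE xs:schema [<!ENTITY e 'x'>]>" + clean;

        System.out.println("clean schema compiled: " + (loadUntrustedXsd(clean) != null));
        try {
            loadUntrustedXsd(withDoctype);
            System.out.println("DOCTYPE accepted (parser is not hardened)");
        } catch (SAXException e) {
            System.out.println("DOCTYPE rejected: " + e.getMessage());
        }
    }
}
```

If the class generator parses the file itself, the same factory settings have to be applied to whatever parser it uses; how that is configured depends on the tool.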