HTB - BountyHunter Write-up 4 years ago 6 min read hacktheboxxxepythonevalwriteupeasy Rated Easy by HackTheBox and created by ejedev, we discover XML External Entity (XXE) and Python eval() function vulnerabilities.