* Move back to Java 15 as XML parsers fail with XXE lesson

* Documentation improvement
Nanne Baars
2021-09-17 13:46:58 +02:00
committed by GitHub
parent 3492655f1d
commit 42369816c9
2 changed files with 3 additions and 3 deletions


@ -1,4 +1,4 @@
FROM openjdk:16-slim
FROM openjdk:15-slim
ARG webgoat_version=8.2.1-SNAPSHOT
ENV webgoat_version_env=${webgoat_version}
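Review bot: The `FROM` line returns to `openjdk:15-slim` with no comment in the file recording why. The commit message gives the reason (XML parsers fail with the XXE lesson on the newer image), and that reason belongs directly above the `FROM` line so the tag is not bumped again by accident. Java 15 is a non-LTS release, so it is also worth opening a follow-up to make the lesson's parser behaviour independent of the JDK version, so the base image can move forward again.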


@ -1,6 +1,6 @@
== Blind XXE assignment
In the previous page we showed you how you can ping a server with a XXE attack, in this assignment try to make a DTD which will upload the contents of a file secret.txt from the WebGoat server to our WebWolf server. You can use WebWolf to serve your DTD. The secret.txt is located on the WebGoat server in this location, so you do not need to scan all directories and files:
In the previous page we showed you how you can ping a server with a XXE attack, in this assignment try to make a DTD which will upload the contents of a file `secret.txt` from the WebGoat server to our WebWolf server. You can use WebWolf to serve your DTD. The `secret.txt` is located on the WebGoat server in this location, so you do not need to scan all directories and files:
|===
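Review bot: Since the paragraph is being reworded anyway, the remaining grammar problems in the same line should be fixed in this change: "a XXE attack" should read "an XXE attack", and "attack, in this assignment try to" is a comma splice that reads better as two sentences. The backticks around `secret.txt` are a good addition; "in this location" would be clearer as "in the following location", since the path is in the table below.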
@ -13,4 +13,4 @@ In the previous page we showed you how you can ping a server with a XXE attack,
Try to upload this file using WebWolf landing page for example: `webWolfRootLink:landing?text=contents_file[noLink,target=landing]`
(NOTE: this endpoint is under your full control)
Once you obtained the contents of the file post it as a new comment on the page and you will solve the lesson.
Once you obtained the contents of the file post it as a new comment on the page, and you will solve the lesson.
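Review bot: The changed last line still reads awkwardly after the added comma: "Once you obtained the contents of the file post it" needs a comma after "file", and "Once you have obtained" matches the tense of the rest of the sentence. Suggested wording: "Once you have obtained the contents of the file, post it as a new comment on the page to solve the lesson."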