XPath injection vulnerability

Description

This script is possibly vulnerable to XPath Injection attacks.

XPath Injection is an attack technique used to exploit web sites that construct XPath queries from user-supplied input.

Remediation

Your script should filter metacharacters from user input.

References

Severity

High

Classification

CWE-643 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Tags

Xpath Injection