Description
This script is possibly vulnerable to XPath Injection attacks.
XPath Injection is an attack technique used to exploit web sites that construct XPath queries from user-supplied input.
Remediation
Your script should filter metacharacters from user input.