Summary #

Invicti detected an OpenSearch.xml file.

Impact #

An OpenSearch.xml file contains instructions that describe the web interface of a search engine. As such, it may contain URLs, contact information, and other metadata. Additionally, Netsparker will use this file in order to fill its URL pool.

Depending on the content of the file, an attacker might discover hidden directories and files.

Actions To Take #

Make sure that the data published in this file only contains information that is meant to be publicly accessible.

Classifications #
CWE-200; ISO27001-A.18.1.3; OWASP PC-C7
Vulnerability Index

Vulnerability Index

You can search and find all vulnerabilities


Search Vulnerability


Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo