From d1691991a9b9be449b1d240c8659d7188be61a56 Mon Sep 17 00:00:00 2001 From: zapbot <12745184+zapbot@users.noreply.github.com> Date: Fri, 1 Aug 2025 07:22:02 +0000 Subject: [PATCH] Update site content From: zaproxy/zaproxy-website@480a6e40cb11c6aed5f61634e4f7844d45796f55 Signed-off-by: zapbot <12745184+zapbot@users.noreply.github.com> --- alerttags/custom_payloads/index.html | 6 ++++++ alerttags/custom_payloads/index.xml | 7 +++++++ docs/alerts/90021/index.html | 2 ++ 3 files changed, 15 insertions(+) diff --git a/alerttags/custom_payloads/index.html b/alerttags/custom_payloads/index.html index 13b0d5fcc5..727dff4005 100644 --- a/alerttags/custom_payloads/index.html +++ b/alerttags/custom_payloads/index.html @@ -180,6 +180,12 @@

CUSTOM_PAYLOADS

+ + + XPath Injection + + + diff --git a/alerttags/custom_payloads/index.xml b/alerttags/custom_payloads/index.xml index ee62daf31e..591ffbb090 100644 --- a/alerttags/custom_payloads/index.xml +++ b/alerttags/custom_payloads/index.xml @@ -49,5 +49,12 @@ /docs/alerts/10057/ <p>A hash of a username (admin) was found in the response. This may indicate that the application is subject to an Insecure Direct Object Reference (IDOR) vulnerability. Manual testing will be required to see if this discovery can be abused.</p> + + XPath Injection + /docs/alerts/90021/ + Mon, 01 Jan 0001 00:00:00 +0000 + /docs/alerts/90021/ + <p>XPath Injection is an attack technique used to exploit applications that construct XPath (XML Path Language) queries from user-supplied input to query or navigate XML documents. It can be used directly by an application to query an XML document, as part of a larger operation such as applying an XSLT transformation to an XML document, or applying an XQuery to an XML document. The syntax of XPath bears some resemblance to an SQL query, and indeed, it is possible to form SQL-like queries on an XML document using XPath.</p> + diff --git a/docs/alerts/90021/index.html b/docs/alerts/90021/index.html index e07683853d..40d16884dd 100644 --- a/docs/alerts/90021/index.html +++ b/docs/alerts/90021/index.html @@ -188,6 +188,8 @@

XPath Injection

+ CUSTOM_PAYLOADS
+ CWE-643
HIPAA
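
Review bot: In the alerttags/custom_payloads/index.xml hunk, the added XPath Injection item carries the date "Mon, 01 Jan 0001 00:00:00 +0000", which looks like an unset date rather than a real publication time, so feed consumers that sort or filter by date will treat the entry as ancient. Consider setting a date for the 90021 alert page in the source content (zaproxy/zaproxy-website), or leaving the date out of the feed item when none is set. In the same item's description, the second sentence opens with "It can be used directly by an application", where "It" reads as XPath Injection although the sentence describes XPath itself; naming XPath explicitly there would remove the ambiguity.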