Update site content

alerttags/custom_payloads/index.html

@@ -180,6 +180,12 @@ <h4>CUSTOM_PAYLOADS</h4>
                   <td><a href=""></a></td>
                </tr>
 
+
+               <tr>
+                  <td><a href="/docs/alerts/90021/">XPath Injection</a></td>
+                  <td><a href=""></a></td>
+               </tr>
+
          </tbody>
       </table>
    </div>

alerttags/custom_payloads/index.xml

@@ -49,5 +49,12 @@
       <guid>/docs/alerts/10057/</guid>
       <description>&lt;p&gt;A hash of a username (admin) was found in the response. This may indicate that the application is subject to an Insecure Direct Object Reference (IDOR) vulnerability. Manual testing will be required to see if this discovery can be abused.&lt;/p&gt;</description>
     </item>
+    <item>
+      <title>XPath Injection</title>
+      <link>/docs/alerts/90021/</link>
+      <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
+      <guid>/docs/alerts/90021/</guid>
+      <description>&lt;p&gt;XPath Injection is an attack technique used to exploit applications that construct XPath (XML Path Language) queries from user-supplied input to query or navigate XML documents. It can be used directly by an application to query an XML document, as part of a larger operation such as applying an XSLT transformation to an XML document, or applying an XQuery to an XML document. The syntax of XPath bears some resemblance to an SQL query, and indeed, it is possible to form SQL-like queries on an XML document using XPath.&lt;/p&gt;</description>
+    </item>
   </channel>
 </rss>

docs/alerts/90021/index.html

@@ -188,6 +188,8 @@ <h1 class="text--white">XPath Injection</h1>
               </td>
               <td>
 
+              	<a href="/alerttags/custom_payloads">CUSTOM_PAYLOADS</a><br>
+
               	<a href="/alerttags/cwe-643">CWE-643</a><br>
 
               	<a href="/alerttags/hipaa">HIPAA</a><br>