OpenSearch.xml Detected

Severity: Information

Summary#

Invicti detected an OpenSearch.xml file.

Impact#

An OpenSearch.xml file contains instructions that describe the web interface of a search engine. As such, it may contain URLs, contact information, and other metadata. Additionally, Invicti will use this file in order to fill its URL pool.

Depending on the content of the file, an attacker might discover hidden directories and files.

Actions To Take#

Make sure that the data published in this file only contains information that is meant to be publicly accessible.

External References#

What is OpenSearch?
OpenSearch - Wikipedia

Classifications#

ISO27001-A.18.1.3, CWE-200

Select Category

Critical
High
Medium
Low
Best Practice
Information

Search Vulnerability

Related Vulnerabilities

OpenSearch.xml Detected

Related Articles

Build your resistance to threats. And save hundreds of hours each month.