#14 Invalid XML files

[Mario Vilas]

When scanning live.vodafone.es and generating an XML output file, some characters aren't correctly escaped. This causes XML parsers to fail to read the file, but at its worst, it can also cause a security issue if a malicious site is scanned and the resulting XML file is fed to a parser (XML injection vulnerability).

I've attached the XML file showing the problem, look for unescaped ampersands in the "extension" tag near the end of the file.