[Nikto-discuss] Not well-formed XML report containing not escaped chars

a resident.deity at gmail.com
Wed Jun 6 14:01:24 CDT 2012

On 23 May 2012 22:01, Peter Wang (wkwang) <wkwang at cisco.com> wrote:
> Hi,
> In parsing one of Nikto XML report file, my script throw an error
> complaining error "not well-formed (invalid token)" at line 5 character 88
> /O=TANDBERG/OU=UKR&D/ <--Error-- CN=ukdev-mint.uk.rd.tandberg.com/emailA"
> Finding the XML report containing some special characters in the text
> without necessary escaping. An offending section is as below,
> <ssl ciphers="DHE-RSA-AES256-SHA"
> issuers="/C=GB/ST=Berks/L=Ruscombe/O=XXXXXX/OU=XXXX/CN=asdf.com/emailAddress=someone at asdf.com"
> info="/C=GB/ST=Berkshire/L=Ruscombe/O=Company/OU=UK R&D/CN=vmx098" />

It looks like we need to wrap the issuers/info in a CDATA construct,
I've raised this as bug 245



More information about the Nikto-discuss mailing list