From 5f2b8f8a2eb7a76817f1ce81df4d572ca7eaa9b0 Mon Sep 17 00:00:00 2001
From: erwanlr
Date: Wed, 20 Mar 2019 07:47:28 +0000
Subject: [PATCH] Fixes #1317
---
app/finders/users/rss_generator.rb | 10 +++++-----
.../finders/users/rss_generator/feed.xml | 18 ++++++++++++++++++
2 files changed, 23 insertions(+), 5 deletions(-)
diff --git a/app/finders/users/rss_generator.rb b/app/finders/users/rss_generator.rb
index dc936ddc..f090acb0 100644
--- a/app/finders/users/rss_generator.rb
+++ b/app/finders/users/rss_generator.rb
@@ -17,20 +17,20 @@ module WPScan
begin
res.xml.xpath('//item/dc:creator').each do |node|
- potential_username = node.text.to_s
+ username = node.text.to_s
# Ignoring potential username longer than 60 characters and containing accents
# as they are considered invalid. See https://github.com/wpscanteam/wpscan/issues/1215
- next if potential_username.length > 60 || potential_username =~ /[^\x00-\x7F]/
+ next if username.strip.empty? || username.length > 60 || username =~ /[^\x00-\x7F]/
- potential_usernames << potential_username
+ potential_usernames << username
end
rescue Nokogiri::XML::XPath::SyntaxError
next
end
- potential_usernames.uniq.each do |potential_username|
- found << CMSScanner::User.new(potential_username, found_by: found_by, confidence: 50)
+ potential_usernames.uniq.each do |username|
+ found << CMSScanner::User.new(username, found_by: found_by, confidence: 50)
end
break
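Review bot: The emptiness test on the `next if` line strips the value, but the unstripped `username` is what gets appended to `potential_usernames`, so a creator with surrounding whitespace is stored as-is and `uniq` will treat `"admin"` and `"admin "` as different users; the 60-character limit is likewise measured on the padded string. Stripping once at assignment, `username = node.text.to_s.strip`, and then testing `username.empty?` keeps the check and the stored value in agreement. The comment above the guard still mentions only length and accents; it could read `# Ignoring empty usernames, and those longer than 60 characters or containing non-ASCII characters`. Because `dc:creator` is content supplied by the scanned site, note also that the `[^\x00-\x7F]` filter lets ASCII control characters through; whether the output formatters neutralise them before printing is not visible in this hunk. The enclosing loop and method start and end outside the hunk.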
diff --git a/spec/fixtures/finders/users/rss_generator/feed.xml b/spec/fixtures/finders/users/rss_generator/feed.xml
index a9ab6453..46841668 100644
--- a/spec/fixtures/finders/users/rss_generator/feed.xml
+++ b/spec/fixtures/finders/users/rss_generator/feed.xml
@@ -59,5 +59,23 @@
Michael Schrage is a researcher at the MIT Sloan School of Management Initiative on the Digital Economy, where he does research and advisory work on how digital media transforms agency, human capital, and innovation.