Fixes #1317

2019-03-20 07:47:28 +00:00
parent 9685568c75
commit 5f2b8f8a2e
2 changed files with 23 additions and 5 deletions
--- a/app/finders/users/rss_generator.rb
+++ b/app/finders/users/rss_generator.rb
@@ -17,20 +17,20 @@ module WPScan

            begin
              res.xml.xpath('//item/dc:creator').each do |node|
-                potential_username = node.text.to_s
+                username = node.text.to_s

                # Ignoring potential username longer than 60 characters and containing accents
                # as they are considered invalid. See https://github.com/wpscanteam/wpscan/issues/1215
-                next if potential_username.length > 60 || potential_username =~ /[^\x00-\x7F]/
+                next if username.strip.empty? || username.length > 60 || username =~ /[^\x00-\x7F]/

-                potential_usernames << potential_username
+                potential_usernames << username
              end
            rescue Nokogiri::XML::XPath::SyntaxError
              next
            end

-            potential_usernames.uniq.each do |potential_username|
-              found << CMSScanner::User.new(potential_username, found_by: found_by, confidence: 50)
+            potential_usernames.uniq.each do |username|
+              found << CMSScanner::User.new(username, found_by: found_by, confidence: 50)
            end

            break