Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a ‘/’ character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Alpine | edge-community | noarch | go | < 1.20.4-r0 | UNKNOWN |
Alpine | 3.17-community | noarch | go | < 1.19.9-r0 | UNKNOWN |
Alpine | 3.18-community | noarch | go | < 1.20.4-r0 | UNKNOWN |
Alpine | 3.19-community | noarch | go | < 1.20.4-r0 | UNKNOWN |