AI Score
Confidence
High
EPSS
Percentile
75.3%
xmlquery before 1.3.1 lacks a check for whether a LoadURL response is in the XML format, which allows attackers to cause a denial of service (SIGSEGV) at xmlquery.(*Node).InnerText or possibly have unspecified other impact.
github.com/antchfx/xmlquery/compare/v1.3.0...v1.3.1
github.com/antchfx/xmlquery/issues/39