AI Score
Confidence
High
EPSS
Percentile
75.3%
LoadURL does not check the Content-Type of loaded resources, which can cause a panic due to nil pointer deference if the loaded resource is not XML. If user supplied URLs are loaded, this may be used as a denial of service vector.
github.com/antchfx/xmlquery/commit/5648b2f39e8d5d3fc903c45a4f1274829df71821
github.com/antchfx/xmlquery/issues/39