AZL-26625 CVE-2023-24539 affecting package msft-golang for versions less than 1.20.11-1
Angle brackets are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input...