3 matches found
golang: html/template: improper handling of special tags within script contexts
A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of " contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped...
AZL-37293 CVE-2023-39319 affecting package golang for versions less than 1.21.6-1
The html/template package does not apply the proper rules for handling occurrences of " contexts. This may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped. This could be leveraged to perform an XSS attack...
PT-2023-9457 · Unknown +10 · Html/Template +10
Name of the Vulnerable Software and Affected Versions: html/template package affected versions not specified Description: The issue is related to the html/template package not applying proper rules for handling occurrences of " contexts. This may cause the template parser to improperly consider...