Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

GoVULNRICHMENT:CVE-2023-39319

HistorySep 08, 2023 - 4:13 p.m.

Vulners
/
Vulnrichment
/
CVE-2023-39319 Improper handling of special tags within script contexts in html/template

CVE-2023-39319 Improper handling of special tags within script contexts in html/template

2023-09-0816:13:28

github.com

cve-2023-39319

html/template

script contexts

xss attack

AI Score

6.2

Confidence

High

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

The html/template package does not apply the proper rules for handling occurrences of “<script”, "

References

go.dev/cl/526157

go.dev/issue/62197

groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ

pkg.go.dev/vuln/GO-2023-2043

security.gentoo.org/glsa/202311-09

security.netapp.com/advisory/ntap-20231020-0009/

osv 15

redhatcve 1

cve 1

ubuntucve 1

veracode 2

debiancve 1

cbl_mariner 3

prion 1

nvd 1

wolfi 1

cvelist 1

cgr 1

alpinelinux 1

ibm 18

openvas 11

nessus 48

redhat 33

almalinux 6

photon 3

oraclelinux 6

amazon 2

freebsd 1

ubuntu 1

gentoo 1

oracle 1

osv

Improper handling of special tags within script contexts in html/template

2023-09-07 16:11:59

CGA-qp57-24m3-j7ch

2024-06-06 12:29:07

CVE-2023-39319

2023-09-08 17:15:27

redhatcve

CVE-2023-39319

2023-09-13 06:54:21

cve

CVE-2023-39319

2023-09-08 17:15:27

ubuntucve

CVE-2023-39319

2023-09-08 00:00:00

veracode

Cross-Site Scripting (XSS)

2023-10-02 20:15:19

Cross Site Scripting (XSS)

2023-10-03 07:53:49

debiancve

CVE-2023-39319

2023-09-08 17:15:27

cbl_mariner

CVE-2023-39319 affecting package golang for versions less than 1.20.10-1

2024-09-28 21:12:13

CVE-2023-39319 affecting package msft-golang for versions less than 1.20.10-1

2024-09-28 21:12:13

CVE-2023-39319 affecting package golang for versions less than 1.20.10-1

2024-09-28 21:12:05

prion

Hardcoded credentials

2023-09-08 17:15:00

nvd

CVE-2023-39319

2023-09-08 17:15:27

wolfi

CVE-2023-39319 vulnerabilities

2024-09-28 21:12:41

cvelist

CVE-2023-39319 Improper handling of special tags within script contexts in html/template

2023-09-08 16:13:28

cgr

CVE-2023-39319 vulnerabilities

2024-05-19 03:07:16

alpinelinux

CVE-2023-39319

2023-09-08 17:15:27

ibm

Security Bulletin: Vulnerabilities in Golang Go affect Cloud pak System [CVE-2023-39319, CVE-2023-39318]

2024-08-01 18:47:05

Security Bulletin: Multiple vulnerabilities in Golang Go affect IBM CICS TX Advanced 11.1 and IBM CICS TX Standard 11.1 (CVE-2023-39318 and CVE-2023-39319).

2023-12-06 09:49:59

Security Bulletin: Operations Dashboard is vulnerable to remote code execution and cross-site scripting due to Go CVE-2023-39319, CVE-2023-39323, CVE-2023-39318

2024-01-11 16:40:11

openvas

openSUSE: Security Advisory for go1.20 (SUSE-SU-2023:3700-1)

2024-03-04 00:00:00

openSUSE: Security Advisory for go1.20 (SUSE-SU-2023:3840-1)

2024-03-04 00:00:00

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-3178)

2023-11-10 00:00:00

nessus

Photon OS 5.0: Go PHSA-2023-5.0-0108

2024-07-24 00:00:00

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.20 (SUSE-SU-2023:3700-1)

2023-09-21 00:00:00

Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2023-367)

2023-10-03 00:00:00

redhat

(RHSA-2024:2160) Moderate: toolbox security update

2024-04-30 06:14:54

(RHSA-2023:7765) Moderate: podman security update

2023-12-12 16:42:34

(RHSA-2023:7766) Moderate: containernetworking-plugins security update

2023-12-12 16:42:36

almalinux

Moderate: toolbox security update

2024-04-30 00:00:00

Moderate: buildah security update

2023-12-12 00:00:00

Moderate: podman security update

2023-12-12 00:00:00

photon

Important Photon OS Security Update - PHSA-2023-5.0-0108

2023-10-05 00:00:00

Important Photon OS Security Update - PHSA-2023-3.0-0665

2023-10-10 00:00:00

Moderate Photon OS Security Update - PHSA-2023-4.0-0484

2023-10-05 00:00:00

oraclelinux

skopeo security update

2023-12-13 00:00:00

podman security update

2023-12-14 00:00:00

buildah security update

2023-12-14 00:00:00

amazon

Important: golang

2023-10-16 13:45:00

Important: golang

2023-09-27 22:15:00

freebsd

go -- multiple vulnerabilities

2023-09-06 00:00:00

ubuntu

Go vulnerabilities

2024-01-11 00:00:00

gentoo

Go: Multiple Vulnerabilities

2023-11-25 00:00:00

oracle

Oracle Critical Patch Update Advisory - January 2024

2024-01-16 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

AI Score

6.2

Confidence

High

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2023-39319