Vulnerability Report: GO-2023-1988
- CVE-2023-3978, GHSA-2wrh-6pvc-2jm9
- Affects: golang.org/x/net
- Published: Aug 02, 2023
- Modified: Oct 12, 2023
Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.
Affected Packages
-
PathVersionsSymbols
-
before v0.13.0
Aliases
References
Feedback
See anything missing or incorrect?
Suggest an edit to this report.