Vulnerability Report: GO-2023-1988
- CVE-2023-3978, GHSA-2wrh-6pvc-2jm9
- Affects: golang.org/x/net
- Published: Aug 02, 2023
- Modified: May 20, 2024
Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.
Affected Packages
-
PathGo VersionsSymbols
-
before v0.13.0
Aliases
References
Feedback
See anything missing or incorrect?
Suggest an edit to this report.