CVE-2023-3978 Information

Aug 03, 2023 cve

Description

Text nodes not in the HTML namespace are incorrectly literally rendered causing text which should be escaped to not be. This could lead to an XSS attack.

Reference

https://go.dev/issue/61615 https://go.dev/cl/514896 https://pkg.go.dev/vuln/GO-2023-1988

Share on: