.avif)
View all vulnerabilities
CVE-2023-3978
Improper rendering of text nodes in golang.org/x/net/html
Description
Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.
Patch Available
Fix available through Seal Security. No upgrade required, protect your application instantly.
Fix without upgradingVulnerability Details
Score
Score Vector
Affected Versions
golang.org/x/net < 0.13.0
Severity
Ecosystem
GO
Publish Date
August 2, 2023
Modified Date
October 22, 2024