CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Golang: >> Go >> 1.19.8 Security Vulnerabilities

CVE-2023-29400

Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags.

CVSS Score

7.3

EPSS Score

0.0

Published

2023-05-11

Page 5

Vulnerabilities

Vulnerable Software

Golang: >> Go >> 1.19.8 Security Vulnerabilities

Products

Pricing

Contact Us