XSS via incorrect rendering of nonHTML namespace text nodes
CVE-2023-3978 Published on August 2, 2023

Improper rendering of text nodes in golang.org/x/net/html
Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.

NVD

Products Associated with CVE-2023-3978

Want to know whenever a new CVE is published for GoLang Networking? stack.watch will email you.

GoLang Networking

Affected Versions

golang.org/x/net/html:

Before 0.13.0 is affected.

Exploit Probability

EPSS

0.12%

Percentile

30.77%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

XSS via incorrect rendering of nonHTML namespace text nodesCVE-2023-3978 Published on August 2, 2023

Products Associated with CVE-2023-3978

Affected Versions

Exploit Probability

XSS via incorrect rendering of nonHTML namespace text nodes
CVE-2023-3978 Published on August 2, 2023