modules: | |
- module: github.com/kitabisa/teler-waf | |
versions: | |
- fixed: 0.1.1 | |
vulnerable_at: 0.1.0 | |
packages: | |
- package: github.com/kitabisa/teler-waf | |
symbols: | |
- Teler.checkCustomRules | |
derived_symbols: | |
- Teler.Analyze | |
- Teler.HandlerFuncWithNext | |
description: |- | |
Improper sanitization and filtering of HTML entities in user input can lead to | |
cross-site scripting (XSS) attacks where arbitrary JavaScript code is executed | |
in the browser. | |
cves: | |
- CVE-2023-26046 | |
ghsas: | |
- GHSA-9f95-hhg4-pg4f | |
references: | |
- fix: https://github.com/kitabisa/teler-waf/commit/d1d49cfddfa3ec2adad962870f14b85cd1aaf739 | |
- web: https://github.com/kitabisa/teler-waf/releases/tag/v0.1.1 | |
- advisory: https://github.com/advisories/GHSA-9f95-hhg4-pg4f |