data/reports/GO-2023-1753.yaml - vulndb - Git at Google

 modules:
   - module: std
     versions:
       - fixed: 1.19.9
       - introduced: 1.20.0-0
         fixed: 1.20.4
     vulnerable_at: 1.20.3
     packages:
       - package: html/template
         symbols:
           - appendCmd
           - htmlNospaceEscaper
         derived_symbols:
           - Template.Execute
           - Template.ExecuteTemplate
 summary: Improper handling of empty HTML attributes in html/template
 description: |
     Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}")
     executed with empty input can result in output with unexpected
     results when parsed due to HTML normalization rules. This may allow
     injection of arbitrary attributes into tags.
 credits:
   - Juho Nurminen of Mattermost
 references:
   - report: https://go.dev/issue/59722
   - fix: https://go.dev/cl/491617
   - web: https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU
 cve_metadata:
     id: CVE-2023-29400
     cwe: 'CWE-74: Improper input validation'
	modules:
	- module: std
	versions:
	- fixed: 1.19.9
	- introduced: 1.20.0-0
	fixed: 1.20.4
	vulnerable_at: 1.20.3
	packages:
	- package: html/template
	symbols:
	- appendCmd
	- htmlNospaceEscaper
	derived_symbols:
	- Template.Execute
	- Template.ExecuteTemplate
	summary: Improper handling of empty HTML attributes in html/template
	description: \|
	Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}")
	executed with empty input can result in output with unexpected
	results when parsed due to HTML normalization rules. This may allow
	injection of arbitrary attributes into tags.
	credits:
	- Juho Nurminen of Mattermost
	references:
	- report: https://go.dev/issue/59722
	- fix: https://go.dev/cl/491617
	- web: https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU
	cve_metadata:
	id: CVE-2023-29400
	cwe: 'CWE-74: Improper input validation'