data/reports/GO-2023-1753.yaml - vulndb - Git at Google

 id: GO-2023-1753
 modules:
     - module: std
       versions:
         - fixed: 1.19.9
         - introduced: 1.20.0-0
           fixed: 1.20.4
       vulnerable_at: 1.20.3
       packages:
         - package: html/template
           symbols:
             - appendCmd
             - htmlNospaceEscaper
           derived_symbols:
             - Template.Execute
             - Template.ExecuteTemplate
 summary: Improper handling of empty HTML attributes in html/template
 description: |-
     Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}")
     executed with empty input can result in output with unexpected results when
     parsed due to HTML normalization rules. This may allow injection of arbitrary
     attributes into tags.
 credits:
     - Juho Nurminen of Mattermost
 references:
     - report: https://go.dev/issue/59722
     - fix: https://go.dev/cl/491617
     - web: https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU
 cve_metadata:
     id: CVE-2023-29400
     cwe: 'CWE-74: Improper input validation'
	id: GO-2023-1753
	modules:
	- module: std
	versions:
	- fixed: 1.19.9
	- introduced: 1.20.0-0
	fixed: 1.20.4
	vulnerable_at: 1.20.3
	packages:
	- package: html/template
	symbols:
	- appendCmd
	- htmlNospaceEscaper
	derived_symbols:
	- Template.Execute
	- Template.ExecuteTemplate
	summary: Improper handling of empty HTML attributes in html/template
	description: \|-
	Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}")
	executed with empty input can result in output with unexpected results when
	parsed due to HTML normalization rules. This may allow injection of arbitrary
	attributes into tags.
	credits:
	- Juho Nurminen of Mattermost
	references:
	- report: https://go.dev/issue/59722
	- fix: https://go.dev/cl/491617
	- web: https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU
	cve_metadata:
	id: CVE-2023-29400
	cwe: 'CWE-74: Improper input validation'