Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution.
References
Link | Resource |
---|---|
https://go.dev/cl/491616 | Patch |
https://go.dev/issue/59721 | Issue Tracking Patch |
https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU | Mailing List Release Notes |
https://pkg.go.dev/vuln/GO-2023-1752 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Go
Published: 2023-05-11T15:29:31.947Z
Updated: 2023-06-12T19:08:26.127Z
Reserved: 2023-01-25T21:19:20.642Z
Link: CVE-2023-24540
JSON object: View
NVD Information
Status : Modified
Published: 2023-05-11T16:15:09.687
Modified: 2023-11-07T04:08:32.233
Link: CVE-2023-24540
JSON object: View
Redhat Information
No data.
CWE