CVE-2023-39318

2023-09-0817:15:27

CWE-79

[email protected]

web.nvd.nist.gov

174

security

vulnerability

xss

html/template

nvd

cve-2023-39318

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.1%

JSON

The html/template package does not properly handle HTML-like “” comment tokens, nor hashbang “#!” comment tokens, in <script> contexts. This may cause the template parser to improperly interpret the contents of <script> contexts, causing actions to be improperly escaped. This may be leveraged to perform an XSS attack.

Affected configurations

NVD

Node

golanggoRange<1.20.8

golanggoRange1.21.0–1.21.1

CPENameOperatorVersion
golang:gogolang golt1.20.8
golang:gogolang golt1.21.1

CPE	Name	Operator	Version
golang:go	golang go	lt	1.20.8
golang:go	golang go	lt	1.21.1

CNA Affected

[
  {
    "vendor": "Go standard library",
    "product": "html/template",
    "collectionURL": "https://pkg.go.dev",
    "packageName": "html/template",
    "versions": [
      {
        "version": "0",
        "lessThan": "1.20.8",
        "status": "affected",
        "versionType": "semver"
      },
      {
        "version": "1.21.0-0",
        "lessThan": "1.21.1",
        "status": "affected",
        "versionType": "semver"
      }
    ],
    "programRoutines": [
      {
        "name": "isComment"
      },
      {
        "name": "escaper.escapeText"
      },
      {
        "name": "tJS"
      },
      {
        "name": "tLineCmt"
      },
      {
        "name": "Template.Execute"
      },
      {
        "name": "Template.ExecuteTemplate"
      }
    ],
    "defaultStatus": "unaffected"
  }
]