CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
Percentile
50.5%
github.com/golang/go is vulnerable to Cross-site Scripting (XSS). The vulnerability is due improper handling of ""
comment tokens, hashbang "#!"
comment tokens, in `
github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c
github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb
github.com/golang/go/issues/62196
github.com/golang/go/issues/62395
go.dev/cl/526156
go.dev/issue/62196
groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ
pkg.go.dev/vuln/GO-2023-2041
security.gentoo.org/glsa/202311-09
security.netapp.com/advisory/ntap-20231020-0009/