Security Advisory

CVE-2024-24785

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-03-05 22:22:33
Last updated 2025-03-14 00:55:26
Assigner Go
State PUBLISHED

Description

If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.