Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

msrc логотип

CVE-2023-29400

Опубликовано: 04 сент. 2025
Источник: msrc
CVSS3: 7.3
EPSS Низкий

Описание

Improper handling of empty HTML attributes in html/template

EPSS

Процентиль: 15%
0.00048
Низкий

7.3 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2023-29400

CVSS3: 7.3
ubuntu
больше 2 лет назад

Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags.

redhat логотип

CVE-2023-29400

CVSS3: 7.3
redhat
больше 2 лет назад

Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags.

nvd логотип

CVE-2023-29400

CVSS3: 7.3
nvd
больше 2 лет назад

Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags.

debian логотип

CVE-2023-29400

CVSS3: 7.3
debian
больше 2 лет назад

Templates containing actions in unquoted HTML attributes (e.g. "attr={ ...

github логотип

GHSA-c9hr-fvm9-7c49

CVSS3: 7.3
github
больше 2 лет назад

Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags.

EPSS

Процентиль: 15%
0.00048
Низкий

7.3 High

CVSS3