[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-39319":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":44,"aliases":45,"duplicate_of":9,"upstream":48,"downstream":49,"duplicates":102,"related":103,"reserved_at":9,"published_at":119,"modified_at":120,"state":121,"summary":122,"references_raw":131,"kevs":166,"epss":167,"epss_history":170,"metrics":434,"affected":440},"CVE-2023-39319","The html/template package does not apply the proper rules for handling occurrences of \"\u003Cscript\", \"\u003C!--\", and \"\u003C/script\" within JS literals in \u003Cscript> contexts. This may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped. This could be leveraged to perform an XSS attack.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-79","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.","weakness","Stable","Base","High",[20,24,28,32,36,40],{"id":21,"name":22,"techniques":23},"CAPEC-209","XSS Using MIME Type Mismatch",[],{"id":25,"name":26,"techniques":27},"CAPEC-588","DOM-Based XSS",[],{"id":29,"name":30,"techniques":31},"CAPEC-591","Reflected XSS",[],{"id":33,"name":34,"techniques":35},"CAPEC-592","Stored XSS",[],{"id":37,"name":38,"techniques":39},"CAPEC-63","Cross-Site Scripting (XSS)",[],{"id":41,"name":42,"techniques":43},"CAPEC-85","AJAX Footprinting",[],[],[46,47],"GO-2023-2043","BIT-golang-2023-39319",[],[50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100],{"_key":51},"SUSE-SU-2023:3840-1",{"_key":53},"OPENSUSE-SU-2023:0360-1",{"_key":55},"SUSE-SU-2023:3700-1",{"_key":57},"SUSE-SU-2023:3701-1",{"_key":59},"SUSE-SU-2023:4469-1",{"_key":61},"OPENSUSE-SU-2024:13216-1",{"_key":63},"OPENSUSE-SU-2024:13217-1",{"_key":65},"USN-6574-1",{"_key":67},"USN-7061-1",{"_key":69},"DEBIAN-CVE-2023-39319",{"_key":71},"UBUNTU-CVE-2023-39319",{"_key":73},"USN-7109-1",{"_key":75},"RHBA-2023:6364",{"_key":77},"RHBA-2023:6928",{"_key":79},"RHSA-2023:7762",{"_key":81},"RHSA-2023:7764",{"_key":83},"RHSA-2023:7765",{"_key":85},"RHSA-2023:7766",{"_key":87},"RHSA-2024:0121",{"_key":89},"RHSA-2023:5008",{"_key":91},"RHSA-2023:5009",{"_key":93},"RHSA-2023:6840",{"_key":95},"RHSA-2024:2160",{"_key":97},"RHSA-2024:2988",{"_key":99},"RHSA-2024:3352",{"_key":101},"RHSA-2024:3467",[],[104,105,106,107,108,109,110,111,113,115,117],{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":112},"CGA-9CMM-HP5J-RCP4",{"_key":114},"CGA-QP57-24M3-J7CH",{"_key":116},"CGA-XV6P-J2F2-FV4C",{"_key":118},"CGA-4GC6-FX2R-V7R7","2023-09-08T16:13:28.663Z","2025-02-13T17:02:47.366Z","Modified",{"cisa_kev":123,"cisa_ransomware":123,"cisa_vendor":9,"epss_severity":124,"epss_score":125,"severity":126,"severity_score":127,"severity_version":128,"severity_source":129,"severity_vector":130,"severity_status":121},false,"low",0.00087,"medium",6.1,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",[132,140,146,152,157,162],{"url":133,"sources":134,"tags":137},"https://go.dev/issue/62197",[135,129,136],"cve.org","osv_go",[138,139],"Issue Tracking","REPORT",{"url":141,"sources":142,"tags":143},"https://go.dev/cl/526157",[135,129,136],[144,145],"Patch","FIX",{"url":147,"sources":148,"tags":149},"https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",[135,129,136],[150,151],"Release Notes","WEB",{"url":153,"sources":154,"tags":155},"https://pkg.go.dev/vuln/GO-2023-2043",[135,129],[156],"Vendor Advisory",{"url":158,"sources":159,"tags":160},"https://security.netapp.com/advisory/ntap-20231020-0009/",[135,129],[161],"Third Party Advisory",{"url":163,"sources":164,"tags":165},"https://security.gentoo.org/glsa/202311-09",[135,129],[],[],{"date":168,"score":125,"percentile":169},"2026-06-04",0.24918,[171,175,178,181,184,186,189,192,195,198,200,203,206,209,212,216,219,222,225,228,231,234,237,240,243,246,249,252,255,258,260,263,266,268,271,274,277,280,283,286,289,292,295,298,301,304,307,310,313,315,317,320,323,326,328,331,334,337,340,343,346,349,351,354,357,360,363,366,369,372,375,378,381,383,386,389,392,395,398,401,404,407,410,413,416,419,422,425,428,431],{"date":172,"score":173,"percentile":174},"2025-11-04",0.00085,0.25307,{"date":176,"score":173,"percentile":177},"2025-11-05",0.25288,{"date":179,"score":173,"percentile":180},"2025-11-06",0.25295,{"date":182,"score":173,"percentile":183},"2025-11-07",0.25293,{"date":185,"score":173,"percentile":180},"2025-11-08",{"date":187,"score":173,"percentile":188},"2025-11-09",0.25254,{"date":190,"score":173,"percentile":191},"2025-11-10",0.25217,{"date":193,"score":173,"percentile":194},"2025-11-11",0.25221,{"date":196,"score":173,"percentile":197},"2025-11-12",0.25246,{"date":199,"score":173,"percentile":197},"2025-11-13",{"date":201,"score":173,"percentile":202},"2025-11-14",0.25241,{"date":204,"score":173,"percentile":205},"2025-11-15",0.25231,{"date":207,"score":173,"percentile":208},"2025-11-16",0.25183,{"date":210,"score":173,"percentile":211},"2025-11-17",0.2514,{"date":213,"score":214,"percentile":215},"2025-11-18",0.0096,0.74527,{"date":217,"score":214,"percentile":218},"2025-11-19",0.74535,{"date":220,"score":214,"percentile":221},"2025-11-20",0.74543,{"date":223,"score":173,"percentile":224},"2025-11-21",0.25061,{"date":226,"score":173,"percentile":227},"2025-11-22",0.25057,{"date":229,"score":173,"percentile":230},"2025-11-23",0.25006,{"date":232,"score":173,"percentile":233},"2025-11-24",0.24979,{"date":235,"score":173,"percentile":236},"2025-11-25",0.24964,{"date":238,"score":173,"percentile":239},"2025-11-26",0.24952,{"date":241,"score":173,"percentile":242},"2025-11-27",0.2495,{"date":244,"score":173,"percentile":245},"2025-11-28",0.24924,{"date":247,"score":173,"percentile":248},"2025-11-29",0.24915,{"date":250,"score":173,"percentile":251},"2025-11-30",0.24889,{"date":253,"score":173,"percentile":254},"2025-12-01",0.24929,{"date":256,"score":173,"percentile":257},"2025-12-02",0.24954,{"date":259,"score":173,"percentile":236},"2025-12-03",{"date":261,"score":173,"percentile":262},"2025-12-04",0.24894,{"date":264,"score":173,"percentile":265},"2025-12-05",0.24947,{"date":267,"score":173,"percentile":265},"2025-12-06",{"date":269,"score":173,"percentile":270},"2025-12-07",0.24914,{"date":272,"score":173,"percentile":273},"2025-12-08",0.24921,{"date":275,"score":173,"percentile":276},"2025-12-09",0.24975,{"date":278,"score":173,"percentile":279},"2025-12-10",0.25042,{"date":281,"score":173,"percentile":282},"2025-12-11",0.25055,{"date":284,"score":173,"percentile":285},"2025-12-12",0.2507,{"date":287,"score":173,"percentile":288},"2025-12-13",0.25071,{"date":290,"score":173,"percentile":291},"2025-12-14",0.25046,{"date":293,"score":173,"percentile":294},"2025-12-15",0.25018,{"date":296,"score":173,"percentile":297},"2025-12-16",0.25036,{"date":299,"score":173,"percentile":300},"2025-12-17",0.25112,{"date":302,"score":173,"percentile":303},"2025-12-18",0.25171,{"date":305,"score":173,"percentile":306},"2025-12-19",0.25187,{"date":308,"score":173,"percentile":309},"2025-12-20",0.25156,{"date":311,"score":173,"percentile":312},"2025-12-21",0.25106,{"date":314,"score":173,"percentile":224},"2025-12-22",{"date":316,"score":173,"percentile":297},"2025-12-23",{"date":318,"score":173,"percentile":319},"2025-12-24",0.25045,{"date":321,"score":173,"percentile":322},"2025-12-25",0.25122,{"date":324,"score":173,"percentile":325},"2025-12-26",0.25109,{"date":327,"score":173,"percentile":312},"2025-12-27",{"date":329,"score":173,"percentile":330},"2025-12-28",0.24977,{"date":332,"score":173,"percentile":333},"2025-12-29",0.24945,{"date":335,"score":173,"percentile":336},"2025-12-30",0.2494,{"date":338,"score":173,"percentile":339},"2025-12-31",0.25002,{"date":341,"score":173,"percentile":342},"2026-01-01",0.25102,{"date":344,"score":173,"percentile":345},"2026-01-02",0.25094,{"date":347,"score":173,"percentile":348},"2026-01-03",0.25077,{"date":350,"score":173,"percentile":233},"2026-01-04",{"date":352,"score":173,"percentile":353},"2026-01-05",0.24959,{"date":355,"score":173,"percentile":356},"2026-01-06",0.24966,{"date":358,"score":173,"percentile":359},"2026-01-07",0.24995,{"date":361,"score":173,"percentile":362},"2026-01-08",0.2504,{"date":364,"score":173,"percentile":365},"2026-01-09",0.25017,{"date":367,"score":173,"percentile":368},"2026-01-10",0.24988,{"date":370,"score":173,"percentile":371},"2026-01-11",0.24965,{"date":373,"score":173,"percentile":374},"2026-01-12",0.24927,{"date":376,"score":173,"percentile":377},"2026-01-13",0.24903,{"date":379,"score":173,"percentile":380},"2026-01-14",0.2496,{"date":382,"score":173,"percentile":242},"2026-01-15",{"date":384,"score":173,"percentile":385},"2026-01-16",0.24982,{"date":387,"score":173,"percentile":388},"2026-01-17",0.24987,{"date":390,"score":173,"percentile":391},"2026-01-18",0.24963,{"date":393,"score":173,"percentile":394},"2026-01-19",0.24917,{"date":396,"score":173,"percentile":397},"2026-01-20",0.249,{"date":399,"score":173,"percentile":400},"2026-01-21",0.24856,{"date":402,"score":173,"percentile":403},"2026-01-22",0.24843,{"date":405,"score":173,"percentile":406},"2026-01-23",0.24926,{"date":408,"score":173,"percentile":409},"2026-01-24",0.24932,{"date":411,"score":173,"percentile":412},"2026-01-25",0.24847,{"date":414,"score":173,"percentile":415},"2026-01-26",0.24754,{"date":417,"score":173,"percentile":418},"2026-01-27",0.24741,{"date":420,"score":173,"percentile":421},"2026-01-28",0.24738,{"date":423,"score":173,"percentile":424},"2026-01-29",0.24702,{"date":426,"score":173,"percentile":427},"2026-01-30",0.24687,{"date":429,"score":173,"percentile":430},"2026-01-31",0.2468,{"date":432,"score":173,"percentile":433},"2026-02-01",0.2473,[435],{"source":129,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":436,"cvss_v4_0":9},{"baseScore":127,"baseSeverity":437,"vectorString":130,"impactScore":438,"exploitabilityScore":439},"MEDIUM",4.5,7.2,[441,456,466],{"ecosystem":9,"name":442,"vendor":443,"product":442,"cpe_part":444,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":445},"html/template","go standard library","a",[446,451],{"version":447,"is_range":448,"range_type":135,"version_start":9,"version_start_type":9,"version_end":449,"version_end_type":450,"fixed_in":9},"\u003C 1.20.8",true,"1.20.8","excluding",{"version":452,"is_range":448,"range_type":135,"version_start":453,"version_start_type":454,"version_end":455,"version_end_type":450,"fixed_in":9},">= 1.21.0-0, \u003C 1.21.1","1.21.0-0","including","1.21.1",{"ecosystem":9,"name":457,"vendor":458,"product":457,"cpe_part":444,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":459},"go","golang",[460,463],{"version":461,"is_range":448,"range_type":462,"version_start":9,"version_start_type":9,"version_end":449,"version_end_type":450,"fixed_in":9},"lt1.20.8","cpe",{"version":464,"is_range":448,"range_type":462,"version_start":465,"version_start_type":454,"version_end":455,"version_end_type":450,"fixed_in":9},"gte1.21.0_lt1.21.1","1.21.0",{"ecosystem":467,"name":468,"vendor":467,"product":468,"cpe_part":9,"purl_type":458,"purl_namespace":9,"purl_name":468,"source":9,"versions":469},"Go","stdlib",[470],{"version":471,"is_range":448,"range_type":472,"version_start":453,"version_start_type":454,"version_end":455,"version_end_type":450,"fixed_in":9},"gte1_21_0_0_lt1_21_1","semver"]