CVE-2024-24785

MEDIUM5.4

Errors returned from JSON marshaling may break template escaping in html/template

Published Mar 5, 2024

Modified 10 months ago

No fix available

Details

If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.

References

WEBhttp://www.openwall.com/lists/oss-security/2024/03/08/4 WEBhttps://go.dev/cl/564196 WEBhttps://go.dev/issue/65697 WEBhttps://groups.google.com/g/golang-announce/c/5pwGVUPoMbg WEBhttps://pkg.go.dev/vuln/GO-2024-2610 WEBhttps://security.netapp.com/advisory/ntap-20240329-0008/ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2024-24785

CVSS Analysis

CVSS v3.1

5.4

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

LowC:L

Integrity

LowI:L

Availability

NoneA:N

5.4/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Ecosystems

Timeline

PublishedMar 5, 2024

ModifiedMar 14, 2025