Title: Go/CWE-643: XPath Injection Query in Go · Issue #52 · github/securitylab · GitHub
Open Graph Title: Go/CWE-643: XPath Injection Query in Go · Issue #52 · github/securitylab
X Title: Go/CWE-643: XPath Injection Query in Go · Issue #52 · github/securitylab
Description: CVE ID(s) None Report OWASP on XPath Injection: XPath Injection attacks occur when a web site uses user-supplied information to construct an XPath query for XML data. By sending intentionally malformed information into the web site, an a...
Open Graph Description: CVE ID(s) None Report OWASP on XPath Injection: XPath Injection attacks occur when a web site uses user-supplied information to construct an XPath query for XML data. By sending intentionally malfo...
X Description: CVE ID(s) None Report OWASP on XPath Injection: XPath Injection attacks occur when a web site uses user-supplied information to construct an XPath query for XML data. By sending intentionally malfo...
Opengraph URL: https://github.com/github/securitylab/issues/52
X: @github
Domain: github.com
{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"Go/CWE-643: XPath Injection Query in Go","articleBody":"## CVE ID(s)\r\n\r\n- None\r\n\r\n## Report\r\n\r\n[OWASP on XPath Injection](https://owasp.org/www-community/attacks/XPATH_Injection):\r\n\u003e XPath Injection attacks occur when a web site uses user-supplied information to construct an XPath query for XML data. By sending intentionally malformed information into the web site, an attacker can find out how the XML data is structured, or access data that he may not normally have access to.\r\n\r\nhttps://github.com/github/codeql-go/pull/66\r\n\r\n- [x] Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc). *We would love to have you spread the word about the good work you are doing*\r\n","author":{"url":"https://github.com/intrigus-lgtm","@type":"Person","name":"intrigus-lgtm"},"datePublished":"2020-03-19T21:39:54.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":3},"url":"https://github.com/52/securitylab/issues/52"}
| route-pattern | /_view_fragments/issues/show/:user_id/:repository/:id/issue_layout(.:format) |
| route-controller | voltron_issues_fragments |
| route-action | issue_layout |
| fetch-nonce | v2:08866d60-788a-bc7e-3915-4edaafe7efb7 |
| current-catalog-service-hash | 81bb79d38c15960b92d99bca9288a9108c7a47b18f2423d0f6438c5b7bcd2114 |
| request-id | D9F6:2CD26:648BC3:942C14:6A4E109E |
| html-safe-nonce | 63a93ae63c616dd5c338bcca5d93dca6dad9f1c1af0ed3572a6aacf8d6ffc7fa |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJEOUY2OjJDRDI2OjY0OEJDMzo5NDJDMTQ6NkE0RTEwOUUiLCJ2aXNpdG9yX2lkIjoiMjIwNzAzNTQ4MDE3MTQ4MzI5NCIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9 |
| visitor-hmac | a4065c65da6155c4444067aa461cfb01e3768862dfa66c1b0498f4fbfb02f962 |
| hovercard-subject-tag | issue:584715964 |
| github-keyboard-shortcuts | repository,issues,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | / |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/_view_fragments/issues/show/github/securitylab/52/issue_layout |
| twitter:image | https://opengraph.githubassets.com/900aaa8e859b8d48e5c7af079e87ef64e55906f0c1884484d808557ae0572c23/github/securitylab/issues/52 |
| twitter:card | summary_large_image |
| og:image | https://opengraph.githubassets.com/900aaa8e859b8d48e5c7af079e87ef64e55906f0c1884484d808557ae0572c23/github/securitylab/issues/52 |
| og:image:alt | CVE ID(s) None Report OWASP on XPath Injection: XPath Injection attacks occur when a web site uses user-supplied information to construct an XPath query for XML data. By sending intentionally malfo... |
| og:image:width | 1200 |
| og:image:height | 600 |
| og:site_name | GitHub |
| og:type | object |
| og:author:username | intrigus-lgtm |
| hostname | github.com |
| expected-hostname | github.com |
| None | df0492960db29b4938cb72070351d6b1d0c6c0767b27ceb8394bbf4fcc0223c6 |
| turbo-cache-control | no-preview |
| go-import | github.com/github/securitylab git https://github.com/github/securitylab.git |
| octolytics-dimension-user_id | 9919 |
| octolytics-dimension-user_login | github |
| octolytics-dimension-repository_id | 221101274 |
| octolytics-dimension-repository_nwo | github/securitylab |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | false |
| octolytics-dimension-repository_network_root_id | 221101274 |
| octolytics-dimension-repository_network_root_nwo | github/securitylab |
| turbo-body-classes | logged-out env-production page-responsive |
| disable-turbo | false |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | 51470c353b8a1f52a88d3e3cc2014b17ab8cc1ce |
| ui-target | full |
| theme-color | #1e2327 |
| color-scheme | light dark |
Links:
Viewport: width=device-width