Golang XML vulnerabilities - Githubissues

xmppo / go-xmpp

Go XMPP Library (From Yasuhiro Matsumoto and based on the code from Russ Cox)

https://golang.org/

BSD 3-Clause "New" or "Revised" License

530 stars 167 forks source link

Golang XML vulnerabilities #126

Open mdosch opened 3 years ago

mdosch commented 3 years ago

FYI

https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md

Neustradamus commented 3 years ago

From @licaon-kter:

Ref: https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/