—
GO-2026-5804
Remark42: Cross-Site Scripting (XSS) on /api/v1/img via content-type spoofing in github.com/umputun/remark42
Details
Remark42: Cross-Site Scripting (XSS) on /api/v1/img via content-type spoofing in github.com/umputun/remark42
Are you affected?
Enter the version of the package you're using.
Affected packages
Go / github.com/umputun/remark42
Introduced in:
1.6.0 Fixed in: 1.16.0 Fix
go get github.com/umputun/remark42@v1.16.0