html/template: escaper bypass enables XSS via type="" attribute in <script> (original) (raw)
If a trusted template author were to write a
type="" attribute in <script> (original) (raw)If a trusted template author were to write a