Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
7DescriptionCVE.org
Versions of the package github.com/yuin/goldmark/renderer/html before 1.7.17 are vulnerable to Cross-site Scripting (XSS) due to improper ordering of URL validation and normalization. The renderer validates link destinations using a prefix-based check (IsDangerousURL) before resolving HTML entities. This allows an attacker to bypass protocol filtering by encoding dangerous schemes using HTML5 named character references. For example, a payload such as javascript:alert(1) is not recognized as dangerous during validation, leading to arbitrary script execution in the context of applications that render the URL.
AnalysisAI
Cross-site scripting (XSS) in goldmark HTML renderer before version 1.7.17 allows unauthenticated remote attackers to execute arbitrary JavaScript by encoding dangerous URL schemes (such as javascript:) using HTML5 named character references, bypassing the renderer's prefix-based protocol validation due to improper ordering of entity resolution. Applications using affected versions can be exploited via crafted markdown containing malicious links that render unsafe protocols in user contexts, with a CVSS score of 6.1 indicating moderate real-world impact driven by the requirement for user interaction (UI:R) and change of scope across trust boundaries.
Technical ContextAI
The vulnerability exists in the goldmark markdown renderer's HTML output module, which processes markdown links and converts them to HTML anchor tags. The renderer implements URL validation through an IsDangerousURL function that uses prefix-based matching to detect and block dangerous protocols (javascript:, data:, vbscript:, etc.). However, the validation logic operates on the raw URL string before HTML entity resolution occurs. HTML5 named character references (such as : for ':') are resolved downstream during HTML rendering, allowing an attacker to encode the colon separator in dangerous schemes so they pass the prefix check intact. When the HTML is rendered by a browser, the entities are decoded, reconstructing the full dangerous URL scheme. This represents a classic CWE-79 (Improper Neutralization of Input During Web Page Generation) flaw where the order of operations creates a window for bypass. Affected versions are identified through the cpe:2.3:a:n/a:github.com/yuin/goldmark/renderer/html CPE string, indicating the renderer/html submodule of the goldmark package.
RemediationAI
Vendor-released patch: upgrade goldmark to version 1.7.17 or later. The upstream fix is documented in the commit cb46bbc4eca29d55aa9721e04ad207c23ccc44f9 (available at https://github.com/yuin/goldmark/commit/cb46bbc4eca29d55aa9721e04ad207c23ccc44f9), which reorders the validation logic to perform URL entity resolution before prefix-based dangerous protocol checking, preventing encoding bypasses. For Go applications, update the github.com/yuin/goldmark module dependency using 'go get -u github.com/yuin/goldmark@v1.7.17' or equivalent. Until patching, applications can implement additional server-side validation of link destinations using more robust URL parsing (parsing the URL to its canonical form before validation) rather than prefix matching. Verify the fix by testing against example payloads such as '[link](javascript:alert(1))' to confirm the renderer rejects or safely escapes the dangerous protocol.
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allVendor StatusVendor
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-22836
GHSA-c97m-vxhj-p7j6