CVE-2023-1496

GHSA-ch9g-x9j7-rcgp, CVE-2023-1496

go/github.com/imgproxy/imgproxy/v3

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site Scripting (XSS) - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0.

All versions before 3.14.0

Upgrade to version 3.14.0 or above.

2023-03-22