html/template: improper sanitization of CSS valuesAngle brackets were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for injection of unexpected HMTL, if executed with untrusted input. html/template: improper handling of JavaScript whitespace.N ...