Due to the behavior of encoding/xml, a crafted XML document may cause XML Digital Signature validation to be entirely bypassed, causing an unsigned document to appear signed.
{ "imports": [ { "path": "github.com/russellhaering/goxmldsig", "symbols": [ "ValidationContext.Validate", "ValidationContext.findSignature" ] } ] }