lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
{ "review_status": "UNREVIEWED", "url": "https://pkg.go.dev/vuln/GO-2023-2012" }
"https://vuln.go.dev/ID/GO-2023-2012.json"