Remark42: Cross-Site Scripting (XSS) on /api/v1/img via content-type spoofing in github.com/umputun/remark42
{ "url": "https://pkg.go.dev/vuln/GO-2026-5804", "review_status": "UNREVIEWED" }
"https://vuln.go.dev/ID/GO-2026-5804.json"