github
diff --git a/‎go/ql/src/Security/CWE-079/HtmlTemplateEscapingBypassXss.ql
Copy file name to clipboardExpand all lines: go/ql/src/Security/CWE-079/HtmlTemplateEscapingBypassXss.ql
+1-1Lines changed: 1 addition & 1 deletion b/‎go/ql/src/Security/CWE-079/HtmlTemplateEscapingBypassXss.ql
Copy file name to clipboardExpand all lines: go/ql/src/Security/CWE-079/HtmlTemplateEscapingBypassXss.ql
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎go/ql/src/change-notes/2025-05-01-html-template-escaping-bypass-xss.md
Copy file name to clipboard
+1-1Lines changed: 1 addition & 1 deletion b/‎go/ql/src/change-notes/2025-05-01-html-template-escaping-bypass-xss.md
Copy file name to clipboard
+1-1Lines changed: 1 addition & 1 deletion
@@ -1,5 +1,5 @@
 /**
- * @name HTML template escaping bypass cross-site scripting
+ * @name Cross-site scripting via HTML template escaping bypass
  * @description Converting user input to a special type that avoids escaping
  *              when fed into an HTML template allows for a cross-site
  *              scripting vulnerability.
 
@@ -1,4 +1,4 @@
 ---
 category: newQuery
 ---
-* A new query (`go/html-template-escaping-bypass-xss`) has been promoted to the main query suite. This query finds potential cross-site scripting (XSS) vulnerabilities when using the `html/template` package, caused by user input being cast to a type which bypasses the HTML autoescaping. It was originally contributed to the experimental query pack by @gagliardetto in <https://github.com/github/codeql-go/pull/493>.
+* Query (`go/html-template-escaping-bypass-xss`) has been promoted to the main query suite. This query finds potential cross-site scripting (XSS) vulnerabilities when using the `html/template` package, caused by user input being cast to a type which bypasses the HTML autoescaping. It was originally contributed to the experimental query pack by @gagliardetto in <https://github.com/github/codeql-go/pull/493>.