Product
A vulnerability exists in goxmlsig versions prior to 1.6.0 related to loop variable capture in the `validateSignature` function when using older Go versions, leading to incorrect signature validation.