Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
In Materialize through 1.0.0, XSS is possible via the Tooltip feature.
Advisories for Npm/@Materializecss/Materialize package
2019
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
In Materialize through 1.0.0, XSS is possible via the Toast feature.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
In Materialize through 1.0.0, XSS is possible via the Autocomplete feature.