Materialize-css vulnerable to Improper Neutralization of Input During Web Page Generation (GHSA-rg3q-jxmp-pvjj)
- Severity:
- Medium
Description
In Materialize through 1.0.0, XSS is possible via the Toast feature.
Recommendation
No fix is available yet. Followings are affected versions:
- <= 1.0.0
References
Related Issues
- Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups - CVE-2025-27789
- Materialize-css vulnerable to Cross-site Scripting in tooltip component (GHSA-98f7-p5rc-jx67) - CVE-2019-11002
- materialize-css vulnerable to cross-site Scripting (XSS) due to improper escape of user input - CVE-2022-25349
- Materialize-css vulnerable to Cross-site Scripting in autocomplete component (GHSA-7752-f4gf-94gc) - CVE-2019-11003
- Tags:
- npm
- materialize-css
Anything's wrong? Let us know Last updated on August 28, 2023