Materialize-css vulnerable to Improper Neutralization of Input During Web Page Generation (GHSA-rg3q-jxmp-pvjj)
- Severity:
- Medium
Description
In Materialize through 1.0.0, XSS is possible via the Toast feature.
Recommendation
No fix is available yet. Followings are affected versions:
- <= 1.0.0
References
Related Issues
- Materialize-css vulnerable to Improper Neutralization of Input During Web Page Generation - CVE-2019-11004
- Improper Neutralization of Input During Web Page Generation in Select2 - CVE-2016-10744
- Improper Neutralization of Input During Web Page Generation in swagger-ui - CVE-2016-1000229
- materialize-css vulnerable to cross-site Scripting (XSS) due to improper escape of user input - CVE-2022-25349
- Tags:
- npm
- materialize-css
Anything's wrong? Let us know Last updated on August 28, 2023