Materialize

materialize

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-25349 1Materializecss 1Materialize Nov 21, 2024 May 1, 2022 N/A· v4 5.4 MEDIUM· v3 4.3 MEDIUM· v2 All versions of package materialize-css are vulnerable to Cross-site Scripting (XSS) due to improper escape of user input (such as <not-a-tag />) that is being parsed as HTML/JavaScript, and inserted into the Docum...Show more All versions of package materialize-css are vulnerable to Cross-site Scripting (XSS) due to improper escape of user input (such as <not-a-tag />) that is being parsed as HTML/JavaScript, and inserted into the Document Object Model (DOM). This vulnerability can be exploited when the user-input is provided to the autocomplete component.Show less
CVE-2019-11004 1Materializecss 1Materialize Jun 17, 2026 Apr 8, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 In Materialize through 1.0.0, XSS is possible via the Toast feature.
CVE-2019-11003 1Materializecss 1Materialize Jun 17, 2026 Apr 8, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 In Materialize through 1.0.0, XSS is possible via the Autocomplete feature.
CVE-2019-11002 1Materializecss 1Materialize Jun 17, 2026 Apr 8, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 In Materialize through 1.0.0, XSS is possible via the Tooltip feature.