You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
Materialize-css vulnerable to Cross-site Scripting in tooltip component
Moderate severity
GitHub Reviewed
Published
Apr 9, 2019
to the GitHub Advisory Database
•
Updated Aug 28, 2023
All versions of materialize-css are vulnerable to Cross-Site Scripting. The tooltip component does not sufficiently sanitize user input, allowing an attacker to execute arbitrary JavaScript code if the malicious input is rendered by a user.
Recommendation
No fix is currently available. Consider using an alternative module until a fix is made available.
All versions of
materialize-cssare vulnerable to Cross-Site Scripting. Thetooltipcomponent does not sufficiently sanitize user input, allowing an attacker to execute arbitrary JavaScript code if the malicious input is rendered by a user.Recommendation
No fix is currently available. Consider using an alternative module until a fix is made available.
References