Description
In Materialize through 1.0.0, XSS is possible via the Tooltip feature.
Remediation
References
https://github.com/Dogfalo/materialize/issues/6286
Related Vulnerabilities
CVE-2020-35460 Vulnerability in maven package net.sf.mpxj:mpxj
CVE-2020-14968 Vulnerability in maven package org.webjars.bower:jsrsasign
CVE-2019-18797 Vulnerability in maven package org.webjars.npm:node-sass
CVE-2016-4055 Vulnerability in maven package org.webjars.bower:moment
CVE-2021-21344 Vulnerability in maven package com.thoughtworks.xstream:xstream