Description
In Materialize through 1.0.0, XSS is possible via the Autocomplete feature.
Remediation
References
https://github.com/Dogfalo/materialize/issues/6286
Related Vulnerabilities
CVE-2020-28441 Vulnerability in npm package conf-cfg-ini
CVE-2018-9206 Vulnerability in maven package org.webjars.bower:blueimp-file-upload
CVE-2022-40151 Vulnerability in maven package com.thoughtworks.xstream:xstream
CVE-2023-40817 Vulnerability in maven package org.opencrx:opencrx-core-models
CVE-2023-46604 Vulnerability in maven package org.apache.activemq:activemq-openwire-legacy