Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-7JVX-F994-RFW2
HistoryMay 03, 2022 - 12:00 a.m.

materialize-css vulnerable to cross-site Scripting (XSS) due to improper escape of user input

2022-05-0300:00:45
Google
osv.dev
23

0.001 Low

EPSS

Percentile

34.7%

JSON

All versions of package materialize-css are vulnerable to Cross-site Scripting (XSS) due to improper escape of user input (such as <not-a-tag />) that is being parsed as HTML/JavaScript, and inserted into the Document Object Model (DOM). This vulnerability can be exploited when the user-input is provided to the autocomplete component.

CPENameOperatorVersion
materialize-cssle1.0.0

Related

nvd 1
cve 1
prion 1
debiancve 1
veracode 1
cvelist 1
github 1
nvd
nvd
CVE-2022-25349
2022-05-01 16:15:08
cve
cve
CVE-2022-25349
2022-05-01 16:15:08
prion
prion
Cross site scripting
2022-05-01 16:15:00
debiancve
debiancve
CVE-2022-25349
2022-05-01 16:15:08
veracode
veracode
Cross-site Scripting (XSS)
2022-05-05 03:45:14
cvelist
cvelist
CVE-2022-25349 Cross-site Scripting (XSS)
2022-05-01 00:00:00
github
github
materialize-css vulnerable to cross-site Scripting (XSS) due to improper escape of user input
2022-05-03 00:00:45

0.001 Low

EPSS

Percentile

34.7%

JSON
Related for OSV:GHSA-7JVX-F994-RFW2
nvd1cve1prion1debiancve1veracode1cvelist1github1