Cross-site Scripting (XSS)

materialize-css is vulnerable to cross-site scripting. The highlight function of autocomplete.js does not properly escape the user input such as , allowing an attacker to inject and execute malicious javascript...