Количество 3
Количество 3
CVE-2022-25349
All versions of package materialize-css are vulnerable to Cross-site Scripting (XSS) due to improper escape of user input (such as <not-a-tag />) that is being parsed as HTML/JavaScript, and inserted into the Document Object Model (DOM). This vulnerability can be exploited when the user-input is provided to the autocomplete component.
CVE-2022-25349
All versions of package materialize-css are vulnerable to Cross-site S ...
GHSA-7jvx-f994-rfw2
materialize-css vulnerable to cross-site Scripting (XSS) due to improper escape of user input
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-25349 All versions of package materialize-css are vulnerable to Cross-site Scripting (XSS) due to improper escape of user input (such as <not-a-tag />) that is being parsed as HTML/JavaScript, and inserted into the Document Object Model (DOM). This vulnerability can be exploited when the user-input is provided to the autocomplete component. | CVSS3: 5.4 | 0% Низкий | почти 4 года назад |
| CVE-2022-25349 All versions of package materialize-css are vulnerable to Cross-site S ... | CVSS3: 5.4 | 0% Низкий | почти 4 года назад |
| GHSA-7jvx-f994-rfw2 materialize-css vulnerable to cross-site Scripting (XSS) due to improper escape of user input | CVSS3: 5.4 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу