Materialize · Materialize · CVE-2019-11002
**Name of the Vulnerable Software and Affected Versions**
Materialize versions prior to 1.0.1
materialize-css (all versions)
**Description**
The `tooltip` component does not sufficiently sanitize user input, which allows Cross-Site Scripting (XSS). An attacker can execute arbitrary JavaScript code if the malicious input is rendered in a user's browser.
**Recommendations**
For Materialize versions prior to 1.0.1, consider using an alternative module until a fix is made available.
For materialize-css, consider using an alternative module until a fix is made available.
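Until the component is replaced, untrusted text can be HTML-escaped before it is stored as tooltip content. The block below is an added example, not code from Materialize or from this advisory. It assumes the tooltip inserts the `data-tooltip` string as HTML, and `escapeHtml`, `tooltipContent`, `applyTooltips` and the sample input are hypothetical names.

```javascript
// Added example (not Materialize code): neutralise markup in untrusted text
// before it is stored as tooltip content.
// Assumption: the tooltip component inserts the string as HTML.

const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;'
};

// Replace every character that can open a tag, an entity or an attribute value.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Build the string handed to the tooltip: drop control characters and
// truncate BEFORE escaping, so an entity is never cut in half.
function tooltipContent(untrusted, maxLen = 200) {
  const raw = untrusted == null ? '' : String(untrusted);
  const text = raw.replace(/[\u0000-\u001f\u007f]/g, ' ').trim().slice(0, maxLen);
  return escapeHtml(text);
}

// Set the escaped text with setAttribute(), never by concatenating markup:
// the attribute then holds the literal "&lt;", which renders as a visible
// "<" when the component writes the string into the page as HTML.
// getText is a caller-supplied function returning the untrusted text.
function applyTooltips(elements, getText) {
  for (const el of elements) {
    el.setAttribute('data-tooltip', tooltipContent(getText(el)));
  }
}

// Constructed sample input, for illustration only.
const SAMPLE_USER_INPUT = '<b>Profile</b> of "Ann" & Bob';

// Prints: &lt;b&gt;Profile&lt;/b&gt; of &quot;Ann&quot; &amp; Bob
console.log(tooltipContent(SAMPLE_USER_INPUT));
```

If the component in use writes tooltip text with `textContent` instead, skip the escaping step, otherwise users will see the entities literally.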