CVE-2019-11002 (materialize)

In Materialize through 1.0.0, XSS is possible via the Tooltip feature.
Source: NIST
CVE-2019-11002 (materialize)