CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

37 matches found

RedhatCVE•added 2026/03/26 5:3 p.m.•1 views

CVE-2026-3212

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Cross-Site Scripting XSS.This issue affects Tagify: from 0.0.0 before 1.2.49...

5.4CVSS5.8AI score0.00041EPSS

Exploits0References1

EUVD•added 2026/03/25 6:31 p.m.•3 views

EUVD-2026-15469

6.1CVSS5.8AI score0.00041EPSS

Exploits0References2

NVD•added 2026/03/25 4:16 p.m.•1 views

CVE-2026-3212

5.4CVSS0.00041EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 3:22 p.m.•2 views

CVE-2026-3212 Tagify - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-013

5.8AI score0.00041EPSS

Exploits0References1

CVE•added 2026/03/25 3:22 p.m.•6 views

CVE-2026-3212

CVE-2026-3212 concerns the Drupal Tagify module (Tagify library integration). The issue is an improper neutralization of input during web page generation, leading to Cross-Site Scripting (XSS) when rendering user-supplied data inside JavaScript templates within the Tagify widget. Affected version...

5.4CVSS5.8AI score0.00041EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/03/25 3:22 p.m.•18 views

CVE-2026-3212 Tagify - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-013

0.00041EPSS

Exploits0References1

CNNVD•added 2026/03/25 12:0 a.m.•2 views

Drupal Tagify 安全漏洞

Drupal Tagify is a Drupal module from the Drupal community that integrates the Tagify JavaScript library. Versions of Drupal Tagify prior to 1.2.49 contained a security vulnerability, which was caused by improper input handling and could lead to cross-site scripting attacks...

5.4CVSS5.6AI score0.00041EPSS

Exploits0References1

OSV•added 2026/02/25 6:45 p.m.•3 views

DRUPAL-CONTRIB-2026-013

This module integrates the Tagify JavaScript library to enhance taxonomy entity reference widgets. The module does not sufficiently sanitise user-supplied input before rendering it inside JavaScript template strings within the Tagify widget. This allows arbitrary JavaScript execution in the brows...

5.4CVSS6AI score0.00041EPSS

Exploits0References1

Drupal•added 2026/02/25 12:0 a.m.•7 views

Tagify - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-013

5.4CVSS5.8AI score0.00041EPSS

Exploits0References1

Positive Technologies•added 2026/02/25 12:0 a.m.•1 views

PT-2026-22084

Name of the Vulnerable Software and Affected Versions Drupal Tagify versions prior to 1.2.49 Description The Tagify module for Drupal does not properly sanitize user-provided input before using it in JavaScript templates within the Tagify widget. This allows for the execution of arbitrary...

5.4CVSS6.2AI score0.00041EPSS

Exploits0References5

NVD•added 2026/01/28 8:16 p.m.•5 views

CVE-2025-13983

5.4CVSS0.00054EPSS

Exploits0References1

OSV•added 2026/01/28 8:16 p.m.•2 views

CVE-2025-13983

5.4CVSS5.3AI score

Exploits0References1

ATTACKERKB•added 2026/01/28 8:2 p.m.•4 views

CVE-2025-13983

5.9AI score0.00054EPSS

Exploits0References2

Vulnrichment•added 2026/01/28 8:2 p.m.•2 views

CVE-2025-13983 Tagify - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-121

5.9AI score0.00054EPSS

Exploits0References1

Cvelist•added 2026/01/28 8:2 p.m.•25 views

CVE-2025-13983 Tagify - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-121

0.00054EPSS

Exploits0References1

EUVD•added 2026/01/28 8:2 p.m.•3 views

EUVD-2025-206438

5.4CVSS5.9AI score0.00054EPSS

Exploits0References1

CVE•added 2026/01/28 8:2 p.m.•5 views

CVE-2025-13983

Summary of CVE-2025-13983 (Drupal Tagify XSS) A Cross-Site Scripting vulnerability affects the Drupal Tagify module, specifically Tagify up to version 1.2.43 (i.e., before 1.2.44). The root cause is improper neutralization of input during web page generation, which can allow attackers to inject s...

5.4CVSS5.9AI score0.00054EPSS

Exploits0References1Affected Software1

CNNVD•added 2026/01/28 12:0 a.m.•1 views

Drupal Tagify security vulnerability

Drupal Tagify is a Drupal module from the Drupal community that integrates the Tagify JavaScript library. Versions of Drupal Tagify prior to 1.2.44 contained a security vulnerability, which was caused by improper input handling and could lead to cross-site scripting attacks...

5.4CVSS5.6AI score0.00054EPSS

Exploits0References1

Positive Technologies•added 2026/01/28 12:0 a.m.•3 views

PT-2026-5202

Name of the Vulnerable Software and Affected Versions Drupal Tagify versions prior to 1.2.44 Description A flaw exists in Drupal Tagify that allows for Cross-Site Scripting XSS. This issue is due to improper neutralization of input during web page generation. The vulnerability could potentially...

5.4CVSS5.4AI score0.00054EPSS

Exploits0References6

OSV•added 2025/12/03 6:48 p.m.•4 views

DRUPAL-CONTRIB-2025-121

This module enables you to use the Tagify library to enhance text input fields with tag-style UI elements. The module does not sufficiently sanitize the infoLabel value under certain configurations, which can result in a cross-site scripting XSS vulnerability. This vulnerability is mitigated by t...

5.4CVSS5.9AI score0.00054EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by