Lucene search
K

45 matches found

EUVD
EUVD
added 4 days ago5 views

EUVD-2026-43049

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Stored XSS. This issue affects Tagify versions: from 0.0.0 to 1.2.52...

6.1AI score0.00161EPSS
Exploits0References2
NVD
NVD
added 5 days ago3 views

CVE-2026-11908

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Stored XSS. This issue affects Tagify versions: from 0.0.0 to 1.2.52...

5.4CVSS0.00161EPSS
Exploits0References1
OSV
OSV
added 5 days ago3 views

CVE-2026-11908 Tagify - Moderately critical - Cross-site scripting (XSS) - SA-CONTRIB-2026-043

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Stored XSS. This issue affects Tagify versions: from 0.0.0 to 1.2.52...

5.4CVSS6.1AI score0.00161EPSS
Exploits0References5
Cvelist
Cvelist
added 5 days ago30 views

CVE-2026-11908 Tagify - Moderately critical - Cross-site scripting (XSS) - SA-CONTRIB-2026-043

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Stored XSS. This issue affects Tagify versions: from 0.0.0 to 1.2.52...

0.00161EPSS
Exploits0References1
CVE
CVE
added 5 days ago26 views

CVE-2026-11908

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Stored XSS. This issue affects Tagify versions: from 0.0.0 to 1.2.52...

5.4CVSS6.1AI score0.00161EPSS
Exploits0References1
OSV
OSV
added 2026/06/10 5:7 p.m.10 views

DRUPAL-CONTRIB-2026-043

This module integrates the Tagify JavaScript library to enhance entity reference selection in entity reference widgets. The module does not properly sanitise the name of parent taxonomy terms when rendering suggestions in the Tagify dropdown. This results in a cross-site scripting vulnerability...

5.4CVSS5.6AI score0.00161EPSS
Exploits0References1
Drupal
Drupal
added 2026/06/10 12:0 a.m.14 views

Tagify - Moderately critical - Cross-site scripting (XSS) - SA-CONTRIB-2026-043

This module integrates the Tagify JavaScript library to enhance entity reference selection in entity reference widgets. The module does not properly sanitise the name of parent taxonomy terms when rendering suggestions in the Tagify dropdown. This results in a cross-site scripting vulnerability...

5.5AI score0.00161EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.16 views

PT-2026-48591

Name of the Vulnerable Software and Affected Versions Drupal Tagify versions 0.0.0 through 1.2.52 Description Stored Cross-site Scripting XSS occurs because the module fails to properly sanitize the name of parent taxonomy terms when rendering suggestions in the Tagify dropdown. This allows an...

6.3AI score0.00161EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/26 5:3 p.m.4 views

CVE-2026-3212

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Cross-Site Scripting XSS.This issue affects Tagify: from 0.0.0 before 1.2.49...

5.4CVSS5.8AI score0.00136EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/25 6:31 p.m.8 views

EUVD-2026-15469

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Cross-Site Scripting XSS.This issue affects Tagify: from 0.0.0 before 1.2.49...

6.1CVSS5.8AI score0.00136EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 4:16 p.m.8 views

CVE-2026-3212

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Cross-Site Scripting XSS.This issue affects Tagify: from 0.0.0 before 1.2.49...

5.4CVSS0.00136EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 3:22 p.m.4 views

CVE-2026-3212 Tagify - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-013

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Cross-Site Scripting XSS.This issue affects Tagify: from 0.0.0 before 1.2.49...

5.8AI score0.00136EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 3:22 p.m.24 views

CVE-2026-3212 Tagify - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-013

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Cross-Site Scripting XSS.This issue affects Tagify: from 0.0.0 before 1.2.49...

0.00136EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 3:22 p.m.20 views

CVE-2026-3212

CVE-2026-3212 concerns the Drupal Tagify module (Tagify library integration). The issue is an improper neutralization of input during web page generation, leading to Cross-Site Scripting (XSS) when rendering user-supplied data inside JavaScript templates within the Tagify widget. Affected version...

5.4CVSS5.8AI score0.00136EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.9 views

Drupal Tagify 安全漏洞

Drupal Tagify is a Drupal module from the Drupal community that integrates the Tagify JavaScript library. Versions of Drupal Tagify prior to 1.2.49 contained a security vulnerability, which was caused by improper input handling and could lead to cross-site scripting attacks...

5.4CVSS5.6AI score0.00136EPSS
Exploits0References1
OSV
OSV
added 2026/02/25 6:45 p.m.6 views

DRUPAL-CONTRIB-2026-013

This module integrates the Tagify JavaScript library to enhance taxonomy entity reference widgets. The module does not sufficiently sanitise user-supplied input before rendering it inside JavaScript template strings within the Tagify widget. This allows arbitrary JavaScript execution in the brows...

5.4CVSS6AI score0.00136EPSS
Exploits0References1
Drupal
Drupal
added 2026/02/25 12:0 a.m.16 views

Tagify - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-013

This module integrates the Tagify JavaScript library to enhance taxonomy entity reference widgets. The module does not sufficiently sanitise user-supplied input before rendering it inside JavaScript template strings within the Tagify widget. This allows arbitrary JavaScript execution in the brows...

5.4CVSS5.8AI score0.00136EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/25 12:0 a.m.11 views

PT-2026-22084

Name of the Vulnerable Software and Affected Versions Drupal Tagify versions prior to 1.2.49 Description The Tagify module for Drupal does not properly sanitize user-provided input before using it in JavaScript templates within the Tagify widget. This allows for the execution of arbitrary...

5.4CVSS6.2AI score0.00136EPSS
Exploits0References5
NVD
NVD
added 2026/01/28 8:16 p.m.21 views

CVE-2025-13983

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Cross-Site Scripting XSS.This issue affects Tagify: from 0.0.0 before 1.2.44...

5.4CVSS0.00136EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/28 8:2 p.m.6 views

CVE-2025-13983

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Cross-Site Scripting XSS.This issue affects Tagify: from 0.0.0 before 1.2.44...

5.9AI score0.00136EPSS
Exploits0References2
Rows per page
Query Builder