CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

40 matches found

OSV•added 2026/06/10 5:7 p.m.•6 views

DRUPAL-CONTRIB-2026-043

This module integrates the Tagify JavaScript library to enhance entity reference selection in entity reference widgets. The module does not properly sanitise the name of parent taxonomy terms when rendering suggestions in the Tagify dropdown. This results in a cross-site scripting vulnerability...

5.6AI score

Exploits0References1

Positive Technologies•added 2026/06/10 12:0 a.m.•11 views

PT-2026-48591

5.6AI score

Exploits0References2

Drupal•added 2026/06/10 12:0 a.m.•7 views

Tagify - Moderately critical - Cross-site scripting (XSS) - SA-CONTRIB-2026-043

5.5AI score

Exploits0References2

RedhatCVE•added 2026/03/26 5:3 p.m.•2 views

CVE-2026-3212

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Cross-Site Scripting XSS.This issue affects Tagify: from 0.0.0 before 1.2.49...

5.4CVSS5.8AI score0.00136EPSS

Exploits0References1

EUVD•added 2026/03/25 6:31 p.m.•6 views

EUVD-2026-15469

6.1CVSS5.8AI score0.00136EPSS

Exploits0References2

NVD•added 2026/03/25 4:16 p.m.•2 views

CVE-2026-3212

5.4CVSS0.00136EPSS

Exploits0References1

Cvelist•added 2026/03/25 3:22 p.m.•20 views

CVE-2026-3212 Tagify - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-013

0.00136EPSS

Exploits0References1

CVE•added 2026/03/25 3:22 p.m.•14 views

CVE-2026-3212

CVE-2026-3212 concerns the Drupal Tagify module (Tagify library integration). The issue is an improper neutralization of input during web page generation, leading to Cross-Site Scripting (XSS) when rendering user-supplied data inside JavaScript templates within the Tagify widget. Affected version...

5.4CVSS5.8AI score0.00136EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2026/03/25 3:22 p.m.•4 views

CVE-2026-3212 Tagify - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-013

5.8AI score0.00136EPSS

Exploits0References1

CNNVD•added 2026/03/25 12:0 a.m.•6 views

Drupal Tagify 安全漏洞

Drupal Tagify is a Drupal module from the Drupal community that integrates the Tagify JavaScript library. Versions of Drupal Tagify prior to 1.2.49 contained a security vulnerability, which was caused by improper input handling and could lead to cross-site scripting attacks...

5.4CVSS5.6AI score0.00136EPSS

Exploits0References1

OSV•added 2026/02/25 6:45 p.m.•4 views

DRUPAL-CONTRIB-2026-013

This module integrates the Tagify JavaScript library to enhance taxonomy entity reference widgets. The module does not sufficiently sanitise user-supplied input before rendering it inside JavaScript template strings within the Tagify widget. This allows arbitrary JavaScript execution in the brows...

5.4CVSS6AI score0.00136EPSS

Exploits0References1

Drupal•added 2026/02/25 12:0 a.m.•14 views

Tagify - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-013

5.4CVSS5.8AI score0.00136EPSS

Exploits0References1

Positive Technologies•added 2026/02/25 12:0 a.m.•6 views

PT-2026-22084

Name of the Vulnerable Software and Affected Versions Drupal Tagify versions prior to 1.2.49 Description The Tagify module for Drupal does not properly sanitize user-provided input before using it in JavaScript templates within the Tagify widget. This allows for the execution of arbitrary...

5.4CVSS6.2AI score0.00136EPSS

Exploits0References5

OSV•added 2026/01/28 8:16 p.m.•3 views

CVE-2025-13983

5.4CVSS5.3AI score

Exploits0References1

NVD•added 2026/01/28 8:16 p.m.•9 views

CVE-2025-13983

5.4CVSS0.00136EPSS

Exploits0References1

Vulnrichment•added 2026/01/28 8:2 p.m.•3 views

CVE-2025-13983 Tagify - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-121

5.9AI score0.00136EPSS

Exploits0References1

EUVD•added 2026/01/28 8:2 p.m.•4 views

EUVD-2025-206438

5.4CVSS5.9AI score0.00136EPSS

Exploits0References1

Cvelist•added 2026/01/28 8:2 p.m.•27 views

CVE-2025-13983 Tagify - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-121

0.00136EPSS

Exploits0References1

CVE•added 2026/01/28 8:2 p.m.•12 views

CVE-2025-13983

Summary of CVE-2025-13983 (Drupal Tagify XSS) A Cross-Site Scripting vulnerability affects the Drupal Tagify module, specifically Tagify up to version 1.2.43 (i.e., before 1.2.44). The root cause is improper neutralization of input during web page generation, which can allow attackers to inject s...

5.4CVSS5.9AI score0.00136EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2026/01/28 8:2 p.m.•5 views

CVE-2025-13983

5.9AI score0.00136EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by