PT-2026-22084

Name of the Vulnerable Software and Affected Versions Drupal Tagify versions prior to 1.2.49 Description The Tagify module for Drupal does not properly sanitize user-provided input before using it in JavaScript templates within the Tagify widget. This allows for the execution of arbitrary...

Drupal Tagify security vulnerability

Drupal Tagify is a Drupal module from the Drupal community that integrates the Tagify JavaScript library. Versions of Drupal Tagify prior to 1.2.44 contained a security vulnerability, which was caused by improper input handling and could lead to cross-site scripting attacks...

PT-2026-5202

Name of the Vulnerable Software and Affected Versions Drupal Tagify versions prior to 1.2.44 Description A flaw exists in Drupal Tagify that allows for Cross-Site Scripting XSS. This issue is due to improper neutralization of input during web page generation. The vulnerability could potentially...

DRUPAL-CONTRIB-2025-121

This module enables you to use the Tagify library to enhance text input fields with tag-style UI elements. The module does not sufficiently sanitize the infoLabel value under certain configurations, which can result in a cross-site scripting XSS vulnerability. This vulnerability is mitigated by t...