CVE-2026-11908
CVE-2026-11908 affects Drupal Tagify integration. The issue is an improper neutralization of input during web page generation in Tagify, allowing Stored XSS in Tagify widgets for versions 0.0.0 through 1.2.52. Connected sources (NVD, CVE lists, DRUPAL-SA-CONTRIB-2026-043, OSV) confirm the cross-s...