Vulnerabilities (CVE)

Filtered by vendor Tagify Project Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-25854 1 Tagify Project 1 Tagify 2024-02-28 3.5 LOW 5.4 MEDIUM
This affects the package @yaireo/tagify before 4.9.8. The package is used for rendering UI components inside the input or text fields, and an attacker can pass a malicious placeholder value to it to fire the XSS payload.