Filtered by vendor Tagify Project
Subscribe
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-25854 | 1 Tagify Project | 1 Tagify | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
This affects the package @yaireo/tagify before 4.9.8. The package is used for rendering UI components inside the input or text fields, and an attacker can pass a malicious placeholder value to it to fire the XSS payload. |