yairEO/tagify

Releases316

Frequency1 week 3 days

Last Release about 2 months ago

Stars3.88K

🔖 lightweight, efficient Tags input component in Vanilla JS / React / Angular / Vue

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-25854 ↗	Apr 29, 2022Friday, 29 April 2022, 20:15	5.4 MEDIUM	3.5 LOW
This affects the package @yaireo/tagify before 4.9.8. The package is used for rendering UI components inside the input or text fields, and an attacker can pass a malicious placeholder value to it to fire the XSS payload.