Security Advisory

CVE-2022-25854

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-04-29 20:00:19

Last updated 2024-09-17 04:19:33

Assigner snyk

State PUBLISHED

Description

This affects the package @yaireo/tagify before 4.9.8. The package is used for rendering UI components inside the input or text fields, and an attacker can pass a malicious placeholder value to it to fire the XSS payload.

← Browse all CVEs View on cve.org ↗