CVE-2021-47843
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-01-15

Last updated on: 2026-02-05

Assigner: VulnCheck

Description
Tagstoo 2.0.1 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious payloads through files or custom tags. Attackers can execute arbitrary JavaScript code to spawn system processes, access files, and perform remote code execution on the victim's computer.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-15
Last Modified
2026-02-05
Generated
2026-06-16
AI Q&A
2026-01-16
EPSS Evaluated
2026-06-15
NVD
CVE-2021-47843
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
tagstoo tagstoo 2.0.1
pabloandumundu tagstoo 2.0.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

Tagstoo 2.0.1 contains a stored cross-site scripting (XSS) vulnerability that allows attackers to inject malicious payloads through files or custom tags. When a user opens a file or folder with such a malicious payload in Tagstoo, the payload executes arbitrary JavaScript code. This code can spawn system processes, access files, and perform remote code execution on the victim's computer with the privileges of the user running the application. [1]

Impact Analysis

This vulnerability can lead to remote code execution on your computer, allowing attackers to run arbitrary commands or programs with your user privileges. For example, attackers can execute system applications like calculators or exfiltrate sensitive files such as /etc/passwd to remote servers. This can compromise your system's security, privacy, and data integrity. [1]

Detection Guidance

This vulnerability can be detected by identifying malicious payloads embedded in files or custom tags within Tagstoo 2.0.1. Since the exploit uses JavaScript payloads executed upon opening files or folders, monitoring for suspicious <img> tags with onerror events or unusual script tags in tagged files can help detect exploitation attempts. Additionally, commands to check for suspicious processes spawned by Node.js internals or unexpected network connections (such as netcat exfiltration) can be used. For example, on Linux systems, you can use commands like `ps aux | grep gnome-calculator` to detect unexpected calculator processes or `netstat -anp | grep nc` to detect netcat connections. Also, scanning files for encoded payloads resembling `<img onerror=...>` tags may help identify malicious tags. [1]

Mitigation Strategies

Immediate mitigation steps include avoiding opening files or folders tagged with untrusted or unknown sources in Tagstoo 2.0.1, as the vulnerability executes payloads upon opening. Restrict user privileges to limit the impact of potential code execution. Monitor and block suspicious network activity such as unexpected outbound connections initiated by the application. If possible, disable or restrict the use of custom tags or file tagging features until a patch or update is available. Additionally, consider using application whitelisting or sandboxing to limit the execution of unauthorized code. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2021-47843. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart