Improperly validated order clauses lead to a SQL injection vulnerability in com_tags.CreditsAdrian Junge aka vurloFederico Brasili, https://www.linkedin.com/in/federico-brasili-00b4b7332/Referenceshttps://developer.joomla.org/security-centre/1039-20260507-core-authenticated-blind-sqli-in-com-tags.html
