The tags page allows users to search for tags. If the search does not return any results, the query gets reflected on the error modal, which leads to an XSS.