diff --git a/pandora_console/include/functions_events.php b/pandora_console/include/functions_events.php
index c04308a717..c36536348f 100644
--- a/pandora_console/include/functions_events.php
+++ b/pandora_console/include/functions_events.php
@@ -1205,7 +1205,12 @@ function events_get_all(
         $tags = json_decode($tag_without, true);
         if (is_array($tags) === true && in_array('0', $tags) === false) {
             if (!$user_is_admin) {
-                $user_tags = array_flip(tags_get_tags_for_module_search());
+                $tags_module_search = tags_get_tags_for_module_search();
+                if ($tags_module_search === false) {
+                    $tags_module_search = [];
+                }
+
+                $user_tags = array_flip($tags_module_search);
                 if ($user_tags != null) {
                     foreach ($tags as $key_tag => $id_tag) {
                         // User cannot filter with those tags.
@@ -4948,6 +4953,8 @@ function events_clean_tags($tags)
     }
 
     $event_tags = tags_get_tags_formatted($tags, false);
+    $event_tags = io_safe_input($event_tags);
+
     return explode(',', str_replace(' ', '', $event_tags));
 }
 
diff --git a/pandora_console/include/functions_tags.php b/pandora_console/include/functions_tags.php
index 1ae830bba9..06dc8b1ada 100644
--- a/pandora_console/include/functions_tags.php
+++ b/pandora_console/include/functions_tags.php
@@ -1334,7 +1334,7 @@ function tags_checks_event_acl($id_user, $id_group, $access, $tags=[], $children
 				WHERE ".get_acl_column($access).' = 1)';
 
     if (isset($id_group)) {
-        $sql .= 'AND id_grupo = '.$id_group;
+        $sql .= ' AND id_grupo = '.$id_group;
     }
 
     $user_has_perm_without_tags = db_get_all_rows_sql($sql);
@@ -1343,6 +1343,7 @@ function tags_checks_event_acl($id_user, $id_group, $access, $tags=[], $children
         return true;
     }
 
+    $tags_aux = [];
     $tags_str = '';
     if (!empty($tags)) {
         foreach ($tags as $tag) {