2 matches found
CVE-2017-11516
An XSS vulnerability exists in framework/views/errorHandler/exception.php in Yii Framework 2.0.12 affecting the exception screen when debug mode is enabled, because $exception-errorInfo is mishandled...
CVE-2017-11516
The CVE-2017-11516 entry describes an XSS in Yii Framework 2.0.12: framework/views/errorHandler/exception.php mishandles $exception->errorInfo, enabling XSS on the exception screen when debug mode is enabled. The description and related references indicate this is a framework component-level i...