4 matches found
CVE-2017-7271
Reflected Cross-site scripting XSS vulnerability in Yii Framework before 2.0.11, when development mode is used, allows remote attackers to inject arbitrary web script or HTML via crafted request data that is mishandled on the debug-mode exception screen...
Cross site scripting
Reflected Cross-site scripting XSS vulnerability in Yii Framework before 2.0.11, when development mode is used, allows remote attackers to inject arbitrary web script or HTML via crafted request data that is mishandled on the debug-mode exception screen...
CVE-2017-7271
Reflected Cross-site scripting XSS vulnerability in Yii Framework before 2.0.11, when development mode is used, allows remote attackers to inject arbitrary web script or HTML via crafted request data that is mishandled on the debug-mode exception screen...
CVE-2017-7271
CVE-2017-7271 describes a reflected XSS in the Yii Framework prior to 2.0.11. In development mode, crafted request data can be mishandled on the debug-mode exception screen, allowing remote attackers to inject arbitrary script/HTML. Affected product/version: Yii Framework before 2.0.11 (developme...