Yii Cross-site Scripting Framework vulnerability

An XSS vulnerability exists in framework/views/errorHandler/exception.php in Yii Framework 2.0.12 affecting the exception screen when debug mode is enabled, because $exception-errorInfo is mishandled...

Cross-site Scripting (XSS)

yiisoft/yii2 is vulnerable to cross-site scripting XSS.When debug mode is enabled, the $exception-errorInfo is mishandled, allowing attackers to execute XSS attacks...

CVE-2017-11516

An XSS vulnerability exists in framework/views/errorHandler/exception.php in Yii Framework 2.0.12 affecting the exception screen when debug mode is enabled, because $exception-errorInfo is mishandled...