GHSA-4C64-W8FG-XCQ2 Yii Cross-site Scripting Framework vulnerability

An XSS vulnerability exists in framework/views/errorHandler/exception.php in Yii Framework 2.0.12 affecting the exception screen when debug mode is enabled, because $exception-errorInfo is mishandled...

Yii Cross-site Scripting Framework vulnerability

An XSS vulnerability exists in framework/views/errorHandler/exception.php in Yii Framework 2.0.12 affecting the exception screen when debug mode is enabled, because $exception-errorInfo is mishandled...

CVE-2017-7271

Reflected Cross-site scripting XSS vulnerability in Yii Framework before 2.0.11, when development mode is used, allows remote attackers to inject arbitrary web script or HTML via crafted request data that is mishandled on the debug-mode exception screen...

Cross site scripting

Reflected Cross-site scripting XSS vulnerability in Yii Framework before 2.0.11, when development mode is used, allows remote attackers to inject arbitrary web script or HTML via crafted request data that is mishandled on the debug-mode exception screen...

CVE-2017-7271

Reflected Cross-site scripting XSS vulnerability in Yii Framework before 2.0.11, when development mode is used, allows remote attackers to inject arbitrary web script or HTML via crafted request data that is mishandled on the debug-mode exception screen...

CVE-2017-7271

CVE-2017-7271 describes a reflected XSS in the Yii Framework prior to 2.0.11. In development mode, crafted request data can be mishandled on the debug-mode exception screen, allowing remote attackers to inject arbitrary script/HTML. Affected product/version: Yii Framework before 2.0.11 (developme...