0.001 Low
EPSS
Percentile
29.5%
yiisoft/yii2 is vulnerable to cross-site scripting (XSS).When debug mode is enabled, the $exception->errorInfo is mishandled, allowing attackers to execute XSS attacks.
$exception->errorInfo
github.com/yiisoft/yii2/pull/14492