Reflected Cross-site scripting (XSS) vulnerability in Yii Framework before 2.0.11, when development mode is used, allows remote attackers to inject arbitrary web script or HTML via crafted request data that is mishandled on the debug-mode exception screen.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-03-27T17:00:00
Updated: 2017-05-07T20:57:01
Reserved: 2017-03-27T00:00:00
Link: CVE-2017-7271
JSON object: View
NVD Information
Status : Modified
Published: 2017-03-27T17:59:00.947
Modified: 2017-05-08T01:29:00.267
Link: CVE-2017-7271
JSON object: View
Redhat Information
No data.
CWE