Filtered by vendor Yiiframework
Subscriptions
Filtered by product Gii
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-34297 | 1 Yiiframework | 1 Gii | 2024-11-21 | 5.4 Medium |
| Yii Yii2 Gii through 2.2.4 allows stored XSS by injecting a payload into any field. | ||||
| CVE-2020-36655 | 1 Yiiframework | 1 Gii | 2024-11-21 | 8.8 High |
| Yii Yii2 Gii before 2.2.2 allows remote attackers to execute arbitrary code via the Generator.php messageCategory field. The attacker can embed arbitrary PHP code into the model file. | ||||
Page 1 of 1.