CVE-2025-32027
6.1
MediumCVE-2025-32027
•
security-advisories@github.com
•
Awaiting Analysis
Description
Yii is an open source PHP web framework. Prior to 1.1.31, yiisoft/yii is vulnerable to Reflected XSS in specific scenarios where the fallback error renderer is used. Upgrade yiisoft/yii to version 1.1.31 or higher.
Exploits
No known exploits found for this CVE.
Search Exploit-DBReferences
security-advisories@github.com
https://github.com/yiisoft/yii/commit/d386d737861c9014269b7ed8c36c65eadb387368security-advisories@github.com
https://github.com/yiisoft/yii/security/advisories/GHSA-7r2v-8wxr-3ch5