CVE-2025-32027

Published April 10th, 2025

View on NVD ↗

CVSS v3

6.1

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Yii is an open source PHP web framework. Prior to 1.1.31, yiisoft/yii is vulnerable to Reflected XSS in specific scenarios where the fallback error renderer is used. Upgrade yiisoft/yii to version 1.1.31 or higher.

yiisoft/yii

Yii PHP Framework 1.1.x

GitHub

4.83K