Vulnerability Details CVE-2017-11516
An XSS vulnerability exists in framework/views/errorHandler/exception.php in Yii Framework 2.0.12 affecting the exception screen when debug mode is enabled, because $exception->errorInfo is mishandled.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.2%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2017-11516
-
cpe:2.3:a:yiiframework:yii:2.0.12