CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Yiiframework: >> Yiiframework >> 1.1.10 Security Vulnerabilities

CVE-2015-3397

Cross-site scripting (XSS) vulnerability in Yii Framework before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via vectors related to JSON, arrays, and Internet Explorer 6 or 7.

CVSS Score

4.3

EPSS Score

0.004

Published

2015-05-14

Page 1

Vulnerabilities

Vulnerable Software

Yiiframework: >> Yiiframework >> 1.1.10 Security Vulnerabilities

Products

Pricing

Contact Us