Yii — CWE-79
All Frameworks
›
Yii
›
CWE-79
1 CVEs categorized as
CWE-79 — Cross-site Scripting (XSS)
in
Yii
.
CVE-2025-32027
MEDIUM
2025
Yii is an open source PHP web framework. Prior to 1.1.31, yiisoft/yii is vulnerable to Reflected XSS in specific scenarios where the fallback error renderer is used. Upgrade yiisoft/yii to version 1.1.31 or higher.