CVE-2017-7271 in Yii Frameworkinformation

Résumé (Anglaise)

Reflected Cross-site scripting (XSS) vulnerability in Yii Framework before 2.0.11, when development mode is used, allows remote attackers to inject arbitrary web script or HTML via crafted request data that is mishandled on the debug-mode exception screen.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Réserver

27/03/2017

Divulgation

27/03/2017

Statut

Confirmé

Entrées

VulDB provides additional information and datapoints for this CVE:

ID	Vulnérabilité	CWE	Exp	Con	CVE
99007	Yii Framework Debug Mode Reflected cross site scripting	79	Non défini	Correctif officiel	CVE-2017-7271

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PrécédentAperçuSuivant ▸

Interested in the pricing of exploits?

See the underground prices here!