Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-6010

Опубликовано: 22 янв. 2018
Источник: debian

Описание

In Yii Framework 2.x before 2.0.14, remote attackers could obtain potentially sensitive information from exception messages, or exploit reflected XSS on the error handler page in non-debug mode. Related to base/ErrorHandler.php, log/Dispatcher.php, and views/errorHandler/exception.php.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
yiiitppackage

Связанные уязвимости

nvd логотип

CVE-2018-6010

CVSS3: 7.5
nvd
около 8 лет назад

In Yii Framework 2.x before 2.0.14, remote attackers could obtain potentially sensitive information from exception messages, or exploit reflected XSS on the error handler page in non-debug mode. Related to base/ErrorHandler.php, log/Dispatcher.php, and views/errorHandler/exception.php.

github логотип

GHSA-8gfq-c54m-3rf6

CVSS3: 7.5
github
больше 3 лет назад

Yii Framework reflected Cross-site Scripting