Yiisoft Yii

3 CVEs affecting Yiisoft Yii. Latest disclosed: 2025-04-10. Critical: 0, High: 2.

Top CVEs affecting Yiisoft Yii
CVESeverityScorePublishedSummary
CVE-2023-47130High8.12023-11-14Yii is an open source PHP web framework. yiisoft/yii before version 1.1.29 are vulnerable to Remote Code Execution (RCE) if the application calls `unserialize(…
CVE-2022-41922High8.12022-11-23`yiisoft/yii` before version 1.1.27 are vulnerable to Remote Code Execution (RCE) if the application calls `unserialize()` on arbitrary user input. This has be…
CVE-2025-32027Medium6.12025-04-10Yii is an open source PHP web framework. Prior to 1.1.31, yiisoft/yii is vulnerable to Reflected XSS in specific scenarios where the fallback error renderer is…