Filtered by vendor Yiiframework
                         Subscriptions
                    
                    
                
                        Filtered by product Gii
                         Subscriptions
                    
                    
                
                    Total
                    2 CVE
                
            | CVE | Vendors | Products | Updated | CVSS v3.1 | 
|---|---|---|---|---|
| CVE-2022-34297 | 1 Yiiframework | 1 Gii | 2025-04-22 | 5.4 Medium | 
| Yii Yii2 Gii through 2.2.4 allows stored XSS by injecting a payload into any field. | ||||
| CVE-2020-36655 | 1 Yiiframework | 1 Gii | 2025-04-02 | 8.8 High | 
| Yii Yii2 Gii before 2.2.2 allows remote attackers to execute arbitrary code via the Generator.php messageCategory field. The attacker can embed arbitrary PHP code into the model file. | ||||
                            
                                
                                
                                    Page 1 of 1.