Security Advisory

CVE-2018-6010

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-01-22 22:00:00

Last updated 2024-08-05 05:47:56

Assigner mitre

State PUBLISHED

Description

In Yii Framework 2.x before 2.0.14, remote attackers could obtain potentially sensitive information from exception messages, or exploit reflected XSS on the error handler page in non-debug mode. Related to base/ErrorHandler.php, log/Dispatcher.php, and views/errorHandler/exception.php.

← Browse all CVEs View on cve.org ↗