2023-04-04 00:00:00
mitre
PUBLISHED
SQL injection vulnerability found in Yii Framework Yii 2 Framework before v.2.0.47 allows the a remote attacker to execute arbitrary code via the runAction function. NOTE: the software maintainers position is that the vulnerability is in third-party code, not in the framework.