Gii
1 CVEs
product
Monthly
Yii Yii2 Gii through 2.2.4 allows stored XSS by injecting a payload into any field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
XSS
Gii
NVD
GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2022-34297
PHP
EPSS 1%
CVSS 5.4
MEDIUM
POC
This Month
Yii Yii2 Gii through 2.2.4 allows stored XSS by injecting a payload into any field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
XSS
Gii
NVD
GitHub