Exposure of Yii
Web frameworks51
exposure score
20,788
sites use
1
exploited
1
critical
CVEs
4 resultsCVE-2024-58136CRITICALYii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an __class array key, a CVE-2024-4990 regression, as exploited iEPSS 87.7%KEVCVE-2023-47130HIGHUnsafe deserialization of user data in yiisoft/yiiEPSS 3.1%CVE-2022-41922HIGHyiisoft/yii before v1.1.27 vulnerable to Remote Code Execution if the application calls `unserialize()` on arbitrary user inputEPSS 1.1%CVE-2025-32027MEDIUMYii does not prevent XSS in scenarios where fallback error renderer is usedEPSS 0.2%
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →