Vulnerabilities > Yiiframework > Yiiframework > 1.1.10
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-05-14 | CVE-2015-3397 | Cross-site Scripting vulnerability in Yiiframework Cross-site scripting (XSS) vulnerability in Yii Framework before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via vectors related to JSON, arrays, and Internet Explorer 6 or 7. | 4.3 |