Yii 2.x prior to 2.0.15 allows remote malicious users to inject unintended search conditions via a variant of the CVE-2018-7269 attack in conjunction with the Elasticsearch extension.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
yiiframework yii |