9.8
CVSSv3

CVE-2023-26750

Published: 04/04/2023 Updated: 17/05/2024
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

Vulnerability Summary

SQL injection vulnerability found in Yii Framework Yii 2 Framework before v.2.0.47 allows the a remote malicious user to execute arbitrary code via the runAction function. NOTE: the software maintainer's position is that the vulnerability is in third-party code, not in the framework.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

yiiframework yii