VYPR
High severity7.5NVD Advisory· Published Jan 22, 2018· Updated Jun 17, 2026

CVE-2018-6010

CVE-2018-6010

Description

In Yii Framework 2.x before 2.0.14, remote attackers could obtain potentially sensitive information from exception messages, or exploit reflected XSS on the error handler page in non-debug mode. Related to base/ErrorHandler.php, log/Dispatcher.php, and views/errorHandler/exception.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
yiisoft/yii2Packagist
>= 2.0.0, < 2.0.142.0.14

Affected products

1

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.