Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The Yii2-StateMachine extension v2.x.x for Yii2 has XSS.
Advisories for Composer/Ptheofan/Yii2-Statemachine package
2022
The Yii2-StateMachine extension v2.x.x for Yii2 has XSS.