Composer/Yii2mod/Yii2-Cms | GitLab Advisory Database

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

YII2-CMS v1.0 has XSS in protected\core\modules\home\models\Contact.php via a name field to /contact.html.