Search by 
yiisoft/yii2-bootstrap Security Advisories for 2.0.1 (1)
-
JSON Data encoded for use in HTML was not safe to use in IE6/IE7, possible XSS attacks
PKSA-t4rs-j8m5-2fpy CVE-2015-3397
Affected version: <2.0.4
Reported by:
FriendsOfPHP/security-advisories