[HIGH] Command injection in yiisoft/yii2-gii

PKSA-mm6g-r738-y4dn CVE-2020-36655 GHSA-3mpg-q26j-83j5

Affected version: <2.2.2

Reported by:
GitHub

[MEDIUM] Yii2 Gii Cross-site Scripting vulnerability

PKSA-bbgw-mkqz-n76v CVE-2022-34297 GHSA-x87m-36g7-6mpw

Affected version: <=2.2.4

Reported by:
GitHub

JSON Data encoded for use in HTML was not safe to use in IE6/IE7, possible XSS attacks

PKSA-3jnd-ncvd-j4wd CVE-2015-3397

Affected version: <2.0.4

Reported by:
FriendsOfPHP/security-advisories