| CARVIEW |
Select Language
HTTP/2 200
server: nginx/1.18.0
date: Sun, 12 Oct 2025 07:24:58 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=vjerib2q1ii9r7qbp7vcbdbvka; path=/; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: _csrf=ce0be343d1ebdb6b09aae3768efa79099d7a69ef79f9569cc9011c5be46eb787a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22308mMuV8pxkAmqSoUeJhJaOVyYA7WGD7%22%3B%7D; path=/; HttpOnly; SameSite=Lax
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' https://kiwiirc.com ; style-src 'self' 'unsafe-inline'; img-src 'self' https://user-content.yiiframework.com https://www.gravatar.com https://www.gravatar.com data: ; child-src 'self' https://kiwiirc.com ; frame-src 'self' https://kiwiirc.com ; upgrade-insecure-requests ;
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
strict-transport-security: max-age=15552000
content-encoding: gzip
Report a Security Issue | Yii PHP Framework
Report a
Report a
Security Issue
Let's make Yii better
Please use the security issue form to report to us any security issue you find in Yii. DO NOT use the issue tracker or discuss it in the public forum as it will cause more damage than help.
Please note that as a non-commerial OpenSource project we are not able to pay bounties at the moment.
Security Issue Form
Once we receive your issue report, we will treat it as our highest priority. We will generally take the following steps in responding to security issues.
- Confirm the issue. We may contact with you for further discussion. We will send you an acknowledgement after the issue is confirmed.
- Work on a solution.
- Release a patch to all maintained versions.