[MEDIUM] Cross-site Scripting in yii2cmf

PKSA-xxx2-mfbc-8mb3 CVE-2018-10704 GHSA-mvrg-5c4w-7qv4

Affected package: yidashi/yii2cmf

Affected version: <=2.0

Reported by:
GitHub