Description
The Yii2 Gii extension was found in the web application. Gii is a Web-based code generator for Yii2, which should be enabled only for the development environment with a strict white-list of allowed IP addresses
Remediation
Disable the Gii extension or restrict access to proper IP addresses only
References
Related Vulnerabilities
WordPress 6.3.x Multiple Vulnerabilities (6.3 - 6.3.1)
Apache Axis2 administration console weak password
Unrestricted access to NGINX+ Upstream HTTP interface
ZenCart Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-4322)
Content-Security-Policy-Report-Only Cannot Be Declared Without report-uri Directive