[HIGH] The CDetailView widget allows remote attackers to execute arbitrary PHP scripts via vectors related to the value property

PKSA-sfqm-67yf-rdtq CVE-2014-4672 GHSA-74qv-rv53-5wcx

Affected package: yiisoft/yii

Affected version: >=1.1.14,<1.1.15

Reported by:
GitHub, FriendsOfPHP/security-advisories