Security in Yii2

Anybody help me! I’m using website (Yii2 framework)

Some hackers said that my site have some Security errors :

  1. Security Vulnerability cross-site scripting, a high level of risk: 3,

medium level risk: 10.

  1. SQL Injection vulnerability has 2 high level errors related to technology platform built website.

Can u check again and how to fix theme ?

HI Anh Vu yii2 guide Security Best pratice explain these points,

another Sql injection wiki

sorry I am lazy to do a check on your page :(

Is it a result of an automated security scan? If so, you have to track down the execution path for each request marked as “vulnerable” and fix errors manually, one by one. Unfortunately there’s no generic way to fix all security vulnerabilities.