Packagist (Composer) package
barrelstrength/sprout-base-email
pkg:composer/barrelstrength/sprout-base-email
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-11056 | — | < 1.2.7 | 1.2.7 | May 7, 2020 | In Sprout Forms before 3.9.0, there is a potential Server-Side Template Injection vulnerability when using custom fields in Notification Emails which could lead to the execution of Twig code. This has been fixed in 3.9.0. |
- CVE-2020-11056May 7, 2020affected < 1.2.7fixed 1.2.7
In Sprout Forms before 3.9.0, there is a potential Server-Side Template Injection vulnerability when using custom fields in Notification Emails which could lead to the execution of Twig code. This has been fixed in 3.9.0.