Packagist (Composer) package
barrelstrength/sprout-forms
pkg:composer/barrelstrength/sprout-forms
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-11056 | — | < 3.9.0 | 3.9.0 | May 7, 2020 | In Sprout Forms before 3.9.0, there is a potential Server-Side Template Injection vulnerability when using custom fields in Notification Emails which could lead to the execution of Twig code. This has been fixed in 3.9.0. |
- CVE-2020-11056May 7, 2020affected < 3.9.0fixed 3.9.0
In Sprout Forms before 3.9.0, there is a potential Server-Side Template Injection vulnerability when using custom fields in Notification Emails which could lead to the execution of Twig code. This has been fixed in 3.9.0.