← Back

Sprout Forms

sprout_forms

Vendor: Barrelstrengthdesign • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-11056
1Barrelstrengthdesign
1Sprout Forms
Nov 21, 2024
May 7, 2020
N/A· v4
6.3 MEDIUM· v3
6.5 MEDIUM· v2
In Sprout Forms before 3.9.0, there is a potential Server-Side Template Injection vulnerability when using custom fields in Notification Emails which could lead to the execution of Twig code. This has been fixed in 3.9.0...Show more
In Sprout Forms before 3.9.0, there is a potential Server-Side Template Injection vulnerability when using custom fields in Notification Emails which could lead to the execution of Twig code. This has been fixed in 3.9.0.Show less