RSS   Vulnerabilities for 'Sprout forms'   RSS

2020-05-07
 
CVE-2020-11056

CWE-94
 

 
In Sprout Forms before 3.9.0, there is a potential Server-Side Template Injection vulnerability when using custom fields in Notification Emails which could lead to the execution of Twig code. This has been fixed in 3.9.0.

 


Copyright 2024, cxsecurity.com

 

Back to Top