Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/02/05 2:13 p.m.29 views

CVE-2020-11056

In Sprout Forms before 3.9.0, there is a potential Server-Side Template Injection vulnerability when using custom fields in Notification Emails which could lead to the execution of Twig code. This has been fixed in 3.9.0...

7.4CVSS7.1AI score0.01029EPSS
Exploits0References1
nvd
nvd
added 2020/05/07 9:15 p.m.24 views

CVE-2020-11056

In Sprout Forms before 3.9.0, there is a potential Server-Side Template Injection vulnerability when using custom fields in Notification Emails which could lead to the execution of Twig code. This has been fixed in 3.9.0...

7.4CVSS7.5AI score0.01029EPSS
Exploits0References2
osv
osv
added 2020/05/07 9:15 p.m.15 views

CVE-2020-11056

In Sprout Forms before 3.9.0, there is a potential Server-Side Template Injection vulnerability when using custom fields in Notification Emails which could lead to the execution of Twig code. This has been fixed in 3.9.0...

6.3CVSS6.5AI score
Exploits0References2
cvelist
cvelist
added 2020/05/07 8:50 p.m.25 views

CVE-2020-11056 Potential Code Injection in Sprout Forms

In Sprout Forms before 3.9.0, there is a potential Server-Side Template Injection vulnerability when using custom fields in Notification Emails which could lead to the execution of Twig code. This has been fixed in 3.9.0...

7.4CVSS7.5AI score0.01029EPSS
Exploits0References2
cve
cve
added 2020/05/07 8:50 p.m.103 views

CVE-2020-11056

In Sprout Forms below version 3.9.0, there is a Server-Side Template Injection vulnerability when using custom fields in Notification Emails that can lead to execution of Twig code. Root cause: unsafely interpolating user-controlled fields in email templates, enabling Twig execution. Impact descr...

7.4CVSS6.6AI score0.01029EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder