barrelstrength/sprout-forms

Releases169

Frequency2 weeks 5 days

Last Release about 3 years ago

Stars18

Simple, Beautiful Forms. 100% Control.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-11056 ↗	May 7, 2020Thursday, 7 May 2020, 21:15	7.4 HIGH	6.5 MEDIUM
In Sprout Forms before 3.9.0, there is a potential Server-Side Template Injection vulnerability when using custom fields in Notification Emails which could lead to the execution of Twig code. This has been fixed in 3.9.0.