CVE-2019-25012
The Webform Report project 7.x-1.x-dev for Drupal allows remote attackers to view submissions by visiting the /rss.xml page. NOTE: This project is not covered by Drupal’s security advisory policy.
Date published : 2020-12-31
https://www.drupal.org/project/webform_report/issues/3101410