7 matches found
CVE-2024-32405
Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function...
CVE-2024-32405
Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function...
CVE-2024-32405
Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function...
CVE-2024-32405
Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function...
PT-2024-24550 · Inducer · Inducer
Name of the Vulnerable Software and Affected Versions: inducer relate versions prior to 2024.1 Description: The issue allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function. This enables the attacker to execute...
CVE-2024-32405
This CVE (CVE-2024-32405) affects Inducer Relate prior to 2024.1. A Cross Site Scripting (XSS) flaw exists in the InlineMultiQuestion/Answer handling within the Exam function, allowing a remote attacker to escalate privileges via a crafted payload. Root cause: unsanitized input in the Answer fiel...
CVE-2024-32405
Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function...