Relate@* Security Vulnerabilities and Issues — Relate@* CVE List

Lucene search

InducerRelate*

4 matches found

CVE•added 2024/04/22 8:15 p.m.•58 views

CVE-2024-32405

Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function.

2.6CVSS6.7AI score0.0009EPSS

CVE•added 2024/04/26 4:15 a.m.•40 views

CVE-2024-32404

Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1, allows remote attackers to execute arbitrary code via a crafted payload to the Markup Sandbox feature.

6CVSS8.1AI score0.00594EPSS

CVE•added 2024/04/26 4:15 a.m.•40 views

CVE-2024-32406

Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Batch-Issue Exam Tickets function.

7.5CVSS8AI score0.0211EPSS

CVE•added 2024/04/22 7:15 p.m.•33 views

CVE-2024-32407

An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Page Sandbox feature.

8.8CVSS7.8AI score0.01237EPSS