Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1, allows remote attackers to execute arbitrary code via a crafted payload to the Markup Sandbox feature.
CVSS Score
6.0
EPSS Score
0.006
Published
2024-04-26
Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Batch-Issue Exam Tickets function.
CVSS Score
7.5
EPSS Score
0.021
Published
2024-04-26
Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function.
CVSS Score
2.6
EPSS Score
0.001
Published
2024-04-22
An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Page Sandbox feature.
CVSS Score
8.8
EPSS Score
0.012
Published
2024-04-22