CVE-2024-32405 Information

Description

Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function.

Reference

https://portswigger.net/web-security/cross-site-scripting/stored https://cxsecurity.com/issue/WLB-2024040051