CVE-2024-32405

{"id": "CVE-2024-32405", "metrics": {}, "published": "2024-04-22T20:15:07.737", "references": [{"url": "https://cxsecurity.com/issue/WLB-2024040051", "source": "cve@mitre.org"}, {"url": "https://packetstormsecurity.com/files/178101/Relate-Cross-Site-Scripting.html", "source": "cve@mitre.org"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function."}, {"lang": "es", "value": "Una vulnerabilidad de Cross Site Scripting en Inducer Relate anterior a v.2024.1 permite a un atacante remoto escalar privilegios a trav\u00e9s de un payload manipulado al campo Respuesta del par\u00e1metro InlineMultiQuestion en la funci\u00f3n Examen."}], "lastModified": "2024-04-27T05:15:48.447", "sourceIdentifier": "cve@mitre.org"}