ReportizFlow
Filtered by vendor Inducer
Subscriptions
Filtered by product Relate
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-41505 | 1 Inducer | 1 Relate | 2026-05-07 | 8.7 High |
| RELATE is a web-based courseware package. Prior to commit 2f68e16, RELATE is vulnerable to predictable token generation in auth.py's make_sign_in_key() function and exam.py's gen_ticket_code() function. This issue has been patched via commit 2f68e16. | ||||
| CVE-2024-32406 | 2 Inducer, Inducer | 2 Relate, Relate | 2025-12-17 | 7.5 High |
| Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Batch-Issue Exam Tickets function. | ||||
| CVE-2024-32404 | 1 Inducer | 1 Relate | 2025-06-30 | 6 Medium |
| Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1, allows remote attackers to execute arbitrary code via a crafted payload to the Markup Sandbox feature. | ||||
| CVE-2024-32407 | 2 Inducer, Inducer | 2 Relate, Relate | 2025-06-13 | 8.8 High |
| An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Page Sandbox feature. | ||||
| CVE-2024-32405 | 2 Inducer, Inducer | 2 Relate, Relate | 2025-06-13 | 2.6 Low |
| Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function. | ||||
Page 1 of 1.