CVE-2024-32407
An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Page Sandbox feature.
More information : https://book.hacktricks.xyz/v/jp/pentesting-web/ssti-server-side-template-injection