Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Autolab has Path Traversal vulnerability in Assessment functionality
Vulnerability Description
Autolab is a course management service that enables instructors to offer autograded programming assignments to their students over the Web. Path traversal vulnerabilities were discovered in Autolab's assessment functionality in versions of Autolab prior to 2.12.0, whereby instructors can perform arbitrary file reads. Version 2.12.0 contains a patch. There are no feasible workarounds for this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Autolab 路径遍历漏洞
Vulnerability Description
Autolab是一项课程管理服务。支持自动评分的编程作业。 Autolab 2.11.1版本及之前版本存在路径遍历漏洞。攻击者利用该漏洞可以读取任意文件。
CVSS Information
N/A
Vulnerability Type
N/A