Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Autolab has HTML Injection Vulnerability
Vulnerability Description
Autolab is a course management service that enables auto-graded programming assignments. There is an HTML injection vulnerability in version 3.0.1 that can affect instructors and CAs on the grade submissions page. The issue is patched in version 3.0.2. One may apply the patch manually by editing line 589 on `gradesheet.js.erb` to take in feedback as text rather than html.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Autolab 跨站脚本漏洞
Vulnerability Description
Autolab是Autolab开源的一项课程管理服务。支持自动评分的编程作业。 Autolab 3.0.1版本存在跨站脚本漏洞,该漏洞源于存在HTML注入漏洞,可能会影响成绩提交页面上的讲师和CA。
CVSS Information
N/A
Vulnerability Type
N/A