CVE-2023-44395: Autolab is a course management service that enables instructors to offer autograded programming assignments to their stu
mediumvulnerability
security
Summary
Autolab, a web-based course management system that automatically grades programming assignments, contained path traversal vulnerabilities (a type of bug where attackers can access files outside the intended directory) that allowed instructors to read arbitrary files on the system in versions before 2.12.0. This vulnerability affects the assessment functionality and has no workaround available.
Solution / Mitigation
Upgrade to Autolab version 2.12.0 or later, which contains a patch for this vulnerability.
Vulnerability Details
CVSS Score
4.9(medium)
EPSS (30-day exploit probability)
EPSS: 0.1%
Classification
Attack SophisticationTrivial
Original source: https://nvd.nist.gov/vuln/detail/CVE-2023-44395
First tracked: February 15, 2026 at 08:37 PM
Classified by LLM (prompt v3) · confidence: 95%