CVE-2024-53260

Name of the Vulnerable Software and Affected Versions Autolab (affected versions not specified)

Description Autolab is a course management service that enables auto-graded programming assignments. A user can modify their first and or last name to include a valid excel / spreadsheet formula. When an instructor downloads their course's roster and opens it, this name will then be evaluated as a formula. This could lead to leakage of information of students in the course roster by sending the data to a remote endpoint.

Recommendations To resolve the issue, users are advised to manually patch their systems or to wait for the next release. At the moment, there is no information about a newer version that contains a fix for this vulnerability.