CNNVD-202602-1306 Information
CNNVD ID
CNNVD-202602-1306
Related CVE
- CNNVD Published: 2026-02-09
Description (Chinese)
MarkUs是MarkUs开源的一个 Ruby on Rails 和 React web 应用程序,用于提交和评分学生作业。 MarkUs 2.9.1之前版本存在安全漏洞,该漏洞源于未检查文件路径,可能导致任意文件写入。
Description (English)
MarkUs is a Ruby on Railways and React Web application from MarkUs open source for submitting and scoring student jobs. There was a security loophole in the previous version of MarkUs 2.9.1, which originated from the failure to check the file path and could lead to the writing of any document.
Vulnerability Type
其他
Affected Vendor
MarkUs
Published
2026-02-09
Last Modified
2026-02-24
References
https://github.com/MarkUsProject/Markus/releases/tag/v2.9.1 https://github.com/MarkUsProject/Markus/commit/0ca002a1f0071c7a00dbb2ed34fede57323c5dc7 https://github.com/MarkUsProject/Markus/security/advisories/GHSA-mccg-p332-252h https://access.redhat.com/security/cve/cve-2026-25057
Patch
https://github.com/MarkUsProject/Markus/releases
Share on: