CNNVD-202602-1307 Information
CNNVD ID
CNNVD-202602-1307
Related CVE
- CNNVD Published: 2026-02-09
Description (Chinese)
MarkUs是MarkUs开源的一个 Ruby on Rails 和 React web 应用程序,用于提交和评分学生作业。 MarkUs 2.9.1之前版本存在安全漏洞,该漏洞源于参数未正确限定范围,可能导致访问任意提交文件内容。
Description (English)
MarkUs is a Ruby on Railways and React Web application from MarkUs open source for submitting and scoring student jobs. The previous version of MarkUs 2.9.1 had a security loophole, which stemmed from the fact that the parameters were not correctly defined and could lead to access being free to submit documents.
Vulnerability Type
其他
Affected Vendor
MarkUs
Published
2026-02-09
Last Modified
2026-02-24
References
https://github.com/MarkUsProject/Markus/commit/7daed9fd2d44932223798d997b55094a3bff104b https://github.com/MarkUsProject/Markus/security/advisories/GHSA-56gh-8hmq-7q88 https://github.com/MarkUsProject/Markus/releases/tag/v2.9.1 https://access.redhat.com/security/cve/cve-2026-24900
Patch
https://github.com/MarkUsProject/Markus/releases
Share on: