CVE-2026-24900
- Source
- https://cve.org/CVERecord?id=CVE-2026-24900
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-24900.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2026-24900
- Aliases
-
- GHSA-56gh-8hmq-7q88
- Published
- 2026-02-09T18:39:52.161Z
- Modified
- 2026-03-01T02:57:06.263757Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- MarkUs has a submission-view IDOR exposes all student submissions
- Details
-
MarkUs is a web application for the submission and grading of student assignments. Prior to 2.9.1, the courses/<:course_id>/assignments/<:assignment_id>/submissions/htmlcontent accepted a selectfile_id parameter to serve SubmissionFile objects containing a record of files submitted by students. This parameter was not correctly scoped to the requesting user, allowing users access arbitrary submission file contents by id. This vulnerability is fixed in 2.9.1.
- Database specific
{ "cna_assigner": "GitHub_M", "cwe_ids": [ "CWE-639" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/24xxx/CVE-2026-24900.json" }- References
-
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/24xxx/CVE-2026-24900.json
- https://github.com/MarkUsProject/Markus/commit/7daed9fd2d44932223798d997b55094a3bff104b
- https://github.com/MarkUsProject/Markus/releases/tag/v2.9.1
- https://github.com/MarkUsProject/Markus/security/advisories/GHSA-56gh-8hmq-7q88
- https://nvd.nist.gov/vuln/detail/CVE-2026-24900
Affected packages
Git / github.com/markusproject/markus
Affected ranges
- Type
- GIT
- Repo
- https://github.com/markusproject/markus
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
0.*
0.10.0
1.*
1.8.0-rc1
v1.*
v1.10.0
v1.10.0-rc
v1.10.1
v1.10.1-rc
v1.10.2
v1.10.3
v1.10.4
v1.11.0
v1.11.1
v1.11.2
v1.11.3
v1.11.4
v1.11.5
v1.12.0
v1.12.1
v1.12.2
v1.12.3
v1.12.4
v1.12.5
v1.13.0
v1.13.1
v1.13.2
v1.13.3
v1.14.0
v1.8.0
v1.8.0-rc2
v1.8.1
v1.8.2
v1.8.3
v1.8.4
v1.9.0
v1.9.1
v1.9.2
v1.9.3
v2.*
v2.0.0
v2.0.1
v2.0.10
v2.0.2
v2.0.3
v2.0.4
v2.0.5
v2.0.6
v2.0.7
v2.0.8
v2.0.9
v2.1.0
v2.1.1
v2.1.2
v2.1.3
v2.1.4
v2.1.5
v2.1.6
v2.1.7
v2.2.0
v2.2.1
v2.2.2
v2.2.3
v2.2.4
v2.3.0
v2.3.1
v2.3.2
v2.3.3
v2.3.4
v2.4.0
v2.4.1
v2.4.10
v2.4.11
v2.4.12
v2.4.2
v2.4.3
v2.4.4
v2.4.5
v2.4.6
v2.4.7
v2.4.8
v2.4.9
v2.5.0
v2.5.1
v2.5.2
v2.5.3
v2.6.0
v2.6.1
v2.7.0
v2.7.1
v2.8.0
v2.8.1
v2.8.2
v2.9.0