CVE-2026-24900
Insecure Direct Object Reference in MarkUs Submission Files
Publication date: 2026-02-09
Last updated on: 2026-02-19
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| markusproject | markus | to 2.9.1 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-639 | The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the MarkUs web application prior to version 2.9.1. The application accepts a parameter called select_file_id in a specific URL path related to assignment submissions. This parameter is intended to serve files submitted by students. However, it was not properly restricted to the requesting user, which means that users could access submission files belonging to other users by specifying arbitrary file IDs.
How can this vulnerability impact me? :
The vulnerability allows unauthorized users to access the contents of submission files that do not belong to them. This can lead to exposure of sensitive student data or assignment content, potentially compromising privacy and academic integrity.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, upgrade MarkUs to version 2.9.1 or later, where the issue has been fixed.