PT-2026-23627 · Markus · Markus

Ibrah-M

Publicado

2026-03-06

Atualizado

2026-03-12

CVE-2026-25962

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions MarkUs versions prior to 2.9.4

Description MarkUs is a web application used for submitting and grading student assignments. Before version 2.9.4, the application extracted zip files without limitations on file size or the number of entries within the archive. This allowed instructors to upload zip files for assignment configurations and students to submit assignments as zip files, with the contents being extracted by the application.

Recommendations Update to version 2.9.4 or later.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-409

Identificadores relacionados

CVE-2026-25962

GHSA-X8XV-J7FC-65X5

Produtos afetados

Markus

PT-2026-23627 · Markus · Markus

CVE-2026-25962

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6