CVE-2024-47820

Name of the Vulnerable Software and Affected Versions MarkUs versions prior to 2.4.8

Description The issue affects MarkUs, a web application for the submission and grading of student assignments. It is vulnerable to path traversal, allowing authenticated instructors to download any file on the web server MarkUs is running on, depending on the file permissions.

Recommendations For versions prior to 2.4.8, upgrade to MarkUs version 2.4.8 to address the path traversal issue. At the moment, there is no information about other workarounds aside from upgrading to version 2.4.8.