Canvas Community/Product Forums/Security Notices
Instructure Advisory IAC48510 - SQL Sanitization Vulnerability
Brian Palmer
posted this on November 17, 2011 12:06
Instructure Advisory IAC48510
| Release Date | 2011-11-17 |
| Last Update | 2011-11-30 |
| CVE | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4641 |
| Description | SQL Sanitization Vulnerability |
| Criticality Level | Highly Critical |
| Impact |
|
| Authentication level | Logged in Canvas users |
| Systems Affected | Canvas LMS |
| Solution Status | Patched |
| Discovered By | Securus Global |
| Relevant Changesets | https://github.com/instructure/canvas-lms/commit/2183ac7e1006cbfb49a18780d1de767fd753bd45 |
A security audit has identified a SQL injection attack vector in the file re-ordering capability, available in the users file area and the course/group file areas.
Solution: A fix to properly escape the posted user input has been developed and deployed to Canvas Cloud. Users of Canvas CV are encouraged to either update to the most recent stable code or apply the patch manually immediately.
Comments
Updated on 2011-11-30 to include the CVE identifier.