| Release Date: | 2011-12-13 |
| Description: | CSRF attack vector in AJAX JSON responses |
| Criticality Level: | Less Critical (scale: Less Critical < Critical < Moderately Critical < Highly Critical) |
| Systems Affected: | Canvas LMS |
| Solution Status: | Fixed in the 2011-12-10 release |
| Discovered By: | Securus Global |
A security audit identified that Canvas LMS is vulnerable to a cross-site request forgery attack via unprotected JSON responses to various AJAX requests. The attack could allow a malicious third-party site to steal private information if a user visits that site while logged in to Canvas.
The attack is not possible in the newest releases of the major web browsers, but it still affects some officially supported browser versions, such as earlier Safari and Chrome releases.
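As an added illustration (not Canvas's own code, and not necessarily the fix Canvas shipped, which the advisory does not describe), the Rack middleware below shows one standard hardening for this class of issue: reject AJAX endpoints that lack the X-Requested-With header a cross-site script include cannot set, and prefix JSON bodies with a non-executable guard that the same-origin client strips before parsing. The /api/ path prefix, the header value and the sample data are assumptions.

```ruby
require 'json'

# Rack middleware guarding JSON endpoints under an assumed /api/ prefix.
class JsonHijackGuard
  # Non-executable guard: a browser that evaluates the body as script loops
  # here and never reaches the data. Same-origin XHR clients strip it.
  PREFIX = 'while(1);'.freeze

  def initialize(app)
    @app = app
  end

  def call(env)
    return @app.call(env) unless env['PATH_INFO'].to_s.start_with?('/api/')
    # A cross-site <script> include or plain navigation cannot set this header.
    unless env['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest'
      return [403, { 'Content-Type' => 'text/plain' }, ['forbidden']]
    end
    status, headers, body = @app.call(env)
    if headers['Content-Type'].to_s.start_with?('application/json')
      guarded = PREFIX + body.join
      headers = headers.merge('Content-Length' => guarded.bytesize.to_s)
      body = [guarded]
    end
    [status, headers, body]
  end
end

# Same-origin client helper: refuse unguarded bodies, then strip and parse.
def parse_guarded_json(text)
  raise ArgumentError, 'missing guard prefix' unless text.start_with?(JsonHijackGuard::PREFIX)
  JSON.parse(text.delete_prefix(JsonHijackGuard::PREFIX))
end

# Constructed sample endpoint returning a bare JSON array, the response shape
# that affected browsers could read cross-site.
SAMPLE_APP = lambda do |_env|
  data = [{ 'id' => 1, 'email' => 'user@example.test' }]
  [200, { 'Content-Type' => 'application/json' }, [JSON.generate(data)]]
end

# Drive the middleware directly with a minimal Rack env (no server needed).
def guarded_request(path, extra_env = {})
  env = { 'REQUEST_METHOD' => 'GET', 'PATH_INFO' => path }.merge(extra_env)
  JsonHijackGuard.new(SAMPLE_APP).call(env)
end
```

Browsers that no longer evaluate cross-site JSON as script make the prefix redundant, but the header check still blocks the request path described above in older clients.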