Arbitrary Collaboration Enrollment
| Criticality Level: | Highly Critical |
| Impact: | Potential Exposure of Sensitive Data |
| Systems Affected: | Canvas LMS |
| Discovered By: | Internal Audit |
Related commit: "Restrict collaboration membership by context" (instructure/canvas-lms@67491e3b on GitHub)
During a routine security audit of the Canvas code base and platform, a bug was discovered in the permission checking for collaboration enrollment. It could allow a teacher or admin to enroll users in a course collaboration who would not normally have been allowed to be enrolled in it. This could in turn give the teacher or admin access to basic user information that they might not otherwise have access to.
All systems were patched as of 15:14 MT on 1/5/2017.
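The class of bug described above, as an added Ruby example that is not code from Canvas or from the referenced commit: an unchecked membership update beside one that restricts members to the collaboration's own context. The `Course` and `Collaboration` classes, their methods and the sample ids are hypothetical and constructed for illustration.

```ruby
require "set"

# Hypothetical model, not Canvas code: a course context and its enrolled user ids.
Course = Struct.new(:id, :enrolled_user_ids)

class Collaboration
  attr_reader :context, :member_ids

  def initialize(context)
    @context = context
    @member_ids = Set.new
  end

  # Before: trusts the caller-supplied ids, so a user outside the course
  # can be added and becomes visible through the collaboration.
  def add_members_unchecked(user_ids)
    @member_ids.merge(user_ids)
  end

  # After: membership is restricted to users enrolled in the collaboration's
  # context. Ids outside it are not added and are returned so the caller can
  # log or report the rejected request.
  def add_members(user_ids)
    allowed = Set.new(context.enrolled_user_ids)
    requested = Set.new(user_ids)
    rejected = requested - allowed
    @member_ids.merge(requested & allowed)
    rejected.to_a.sort
  end
end

# Constructed sample data: users 1-3 are enrolled in course 10, user 99 is not.
def demo
  course = Course.new(10, [1, 2, 3])

  weak = Collaboration.new(course)
  weak.add_members_unchecked([2, 99])

  strict = Collaboration.new(course)
  rejected = strict.add_members([2, 99])

  { weak: weak.member_ids.to_a.sort,
    strict: strict.member_ids.to_a.sort,
    rejected: rejected }
end

p demo if __FILE__ == $PROGRAM_NAME
```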