instructure/canvas-lms on GitHub
The open LMS by Instructure, Inc.
CVE History
CVE | Published | CVSS v2 | CVSS v3 |
---|---|---|---|
CVE-2021-36539 | 6.5 MEDIUM | N/A | |
Instructure Canvas LMS didn't properly deny access to locked/unpublished files when the unprivileged user access the DocViewer based file preview URL (canvadoc_session_url). |