CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-5775

Server-Side Request Forgery in Canvas LMS 2020-07-29 allows a remote, unauthenticated attacker to cause the Canvas application to perform HTTP GET requests to arbitrary domains.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.593

EPSS Ranking 98.1%

CVSS Severity

CVSS v3 Score 5.8

CVSS v2 Score 5.0

References

https://www.tenable.com/security/research/tra-2020-49
https://www.tenable.com/security/research/tra-2020-49

Products affected by CVE-2020-5775

Instructure » Canvas Learning Management Service » Version: 2020-07-29

cpe:2.3:a:instructure:canvas_learning_management_service:2020-07-29

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-5775

Products

Pricing

Contact Us