@alx-alexpark
Last active August 20, 2024 04:33
A low severity exploit in Canvas by Instructure

Funny CSS Exploit in Canvas

Notice: You can share this, however be cautious because it might be patched

⚠️ Having this exploit be something that few people know about reduces all our chances of getting in trouble ⚠️

Vendor: Instructure
Product: Canvas
Versions affected: Unknown (No version indication on website) (Working as of Feb 6 2023)
Attack type: Remote
Severity: Low
Impact:

  • CSS Hijacking ⚠️

Attack vector: Discussion post HTML/CSS functionality

Description: CSS you put in discussion posts will be applied throughout the entire page

Limitations: Some CSS options will not work

Reproduction instructions

  1. Open any Canvas discussion post. Your post will likely need to be on the first page for the CSS to be rendered
  2. Open the code editor in the reply menu
  3. Paste the following
<head>
  <style>
  /* Your css here */
  </style>
</head>
  4. Post the discussion post; whoever loads your post will get the CSS applied page-wide

Some funny things

  1. display: none;
  2. background-image: url();
  3. * {color: /*color*/; background-color: /*color*/}
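
A mitigation sketch for the behaviour described above, added here and not part of the original gist or of Canvas's own code: an allowlist sanitizer that discards `<head>`/`<style>` elements together with their CSS text and strips `style` attributes before a post is rendered. The allowlist, the name `sanitize_post` and the sample post are assumptions made for this example.

```python
from html import escape
from html.parser import HTMLParser
# Assumed policy for this example; tune the allowlist to the editor's features.
ALLOWED_TAGS = {"p", "b", "i", "em", "strong", "a", "ul", "ol", "li", "br", "pre", "code"}
ALLOWED_ATTRS = {"a": {"href"}}  # no "style", "class" or "id" on any element
DROP_WITH_CONTENT = {"head", "style", "script", "title"}  # drop the tag and its body
VOID_TAGS = {"br"}

class PostSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.dropped = [], []  # sanitized fragments / removed element names
        self._skip = 0                   # nesting depth inside DROP_WITH_CONTENT

    def handle_starttag(self, tag, attrs):
        if tag in DROP_WITH_CONTENT:
            self._skip += 1
            self.dropped.append(tag)
        elif not self._skip and tag not in ALLOWED_TAGS:
            self.dropped.append(tag)     # e.g. <link rel="stylesheet">
        elif not self._skip:
            # Only href survives, and only when it carries an http(s) URL.
            kept = "".join(
                f' {k}="{escape(v or "", quote=True)}"' for k, v in attrs
                if k in ALLOWED_ATTRS.get(tag, ())
                and (v or "").lower().startswith(("http://", "https://")))
            self.out.append(f"<{tag}{kept}>")

    def handle_endtag(self, tag):
        if tag in DROP_WITH_CONTENT:
            self._skip = max(0, self._skip - 1)
        elif not self._skip and tag in ALLOWED_TAGS and tag not in VOID_TAGS:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self._skip:               # CSS text inside <style> never reaches output
            self.out.append(escape(data, quote=False))

def sanitize_post(html_text):  # returns (sanitized_html, dropped_element_names)
    parser = PostSanitizer()
    parser.feed(html_text)
    parser.close()
    return "".join(parser.out), parser.dropped

# Constructed sample: the payload shape from the reproduction steps plus normal content.
SAMPLE_POST = ('<head><style>* { display: none; }</style></head>'
               '<p style="color:red">Nice <b>post</b></p>')
if __name__ == "__main__":
    print(sanitize_post(SAMPLE_POST))
```

An unclosed `<style>` or `<head>` makes the sanitizer discard everything after it, so a malformed post fails closed; the list of dropped element names can be logged to spot posts that attempted to inject styling.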