In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Specifically, invalid HTML is 'fixed' by jQuery after sanitization, making it dangerous.
oryginał ENCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HJupyter Notebook
APPJupyter< 5.4.1
Powiązane podatności
The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untru...
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Noteb...
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Noteb...
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Noteb...
The Jupyter notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.9, un...