Filtered by vendor Jupyter Subscriptions
Filtered by product Nbconvert Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-32862 2 Debian, Jupyter 2 Debian Linux, Nbconvert 2024-11-21 7.5 High
The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert. When using nbconvert to generate an HTML version of a user-controllable notebook, it is possible to inject arbitrary HTML which may lead to cross-site scripting (XSS) vulnerabilities if these HTML notebooks are served by a web server (eg: nbviewer).