Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert responses are considered to have the same origin as the notebook server. In other words, nbconvert endpoints can execute JavaScript with access to the server API. In notebook/nbconvert/handlers.py, NbconvertFileHandler and NbconvertPostHandler do not set a Content Security Policy to prevent this.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-11-18T17:00:00
Updated: 2024-08-05T11:37:10.582Z
Reserved: 2018-11-18T00:00:00
Link: CVE-2018-19351
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-11-18T17:29:00.267
Modified: 2024-11-21T03:57:47.060
Link: CVE-2018-19351
Redhat
No data.