Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site request forgery (CSRF) vulnerability, but this may be inaccurate.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IPython Notebook和Jupyter Notebook 跨站脚本漏洞
Vulnerability Description
IPython是IPython团队开发的一个Python的原生交互式shell的增强版。Notebook是其中的一个开发环境。Jupyter Notebook是其中的一套用于创建、共享代码和说明性文本文档的Web应用程序。 IPython Notebook 3.2.2之前版本和Jupyter Notebook 4.0.5之前4.0.x版本的notebook/notebookapp.py文件中的文件浏览器中存在跨站脚本漏洞。远程攻击者可借助文件夹名称利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A