Open Redirect Vulnerability in jupyter-server

jupyter-server is the backend for Jupyter web applications. Open Redirect Vulnerability. Maliciously crafted login links to known Jupyter Servers can cause successful login or an already logged-in session to be redirected to arbitrary sites, which should be restricted to Jupyter Server-served URLs. This issue has been addressed in commit `29036259` which is included in release 2.7.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

指向未可信站点的URL重定向(开放重定向)

Jupyter Server 输入验证错误漏洞

Jupyter Server是Jupyter组织的一款用于为Jupyter Web应用提供后端服务的应用软件。 Jupyter Server 2.7.2之前版本存在输入验证错误漏洞，该漏洞源于存在打开重定向漏洞，可能会导致成功登录或已登录的会话被重定向到任意站点。

N/A

N/A