CVE-2018-19352

Published November 18th, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

4.3

MEDIUM

Affected

2

PROJECTS

Description

Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/static/tree/js/notebooklist.js handles certain URLs unsafely.

jupyter/notebook

Jupyter Interactive Notebook

GitHub

13.2K

Jupyter Notebook - A web-based notebook environment for interactive computing

Python Package Index