notebook icon indicating copy to clipboard operation
notebook copied to clipboard

Published 20 hours ago verified publisher icon jupyter

6.x series is vulnerable to CVE-2019-10856

Open ist199099 opened this issue 3 years ago • 0 comments
trafficstars

Describe the bug The 6.x series are vulnerable to CVE-2019-10856.

To Reproduce Steps to reproduce the behavior:

  1. Set up a notebook server.
  2. Construct a link to exploit CVE-2019-10856 and open it in Chrome.
  3. Enter a valid username and password and log in.

Expected behavior The server should refuse to show the login page or to redirect to the malicious website.

ist199099 avatar Jul 31 '22 20:07 ist199099