Jupyter Notebook Vulnerability: Maliciously Forged Notebook Files Exploit JavaScript Execution

CVE-2018-8768 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Specifically, invalid HTML is 'fixed' by jQuery after sanitization, making it dangerous.

Learn more about our Web Application Penetration Testing UK.