Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2015-6938

Опубликовано: 21 сент. 2015
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 4.3

Описание

Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site request forgery (CSRF) vulnerability, but this may be inaccurate.

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

5.5.0-1
cosmic

not-affected

5.5.0-1
devel

not-affected

5.5.0-1
disco

not-affected

5.5.0-1
eoan

not-affected

5.5.0-1
esm-apps/bionic

not-affected

5.5.0-1
esm-apps/focal

not-affected

5.5.0-1
esm-apps/jammy

not-affected

5.5.0-1
esm-apps/xenial

not-affected

2.4.1-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 75%
0.00861
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2015-6938

nvd
больше 10 лет назад

Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site request forgery (CSRF) vulnerability, but this may be inaccurate.

debian логотип

CVE-2015-6938

debian
больше 10 лет назад

Cross-site scripting (XSS) vulnerability in the file browser in notebo ...

github логотип

GHSA-4vwq-x64q-j4cj

CVSS3: 6.1
github
больше 3 лет назад

Improper Neutralization of Input During Web Page Generation in Jupyter Notebook

EPSS

Процентиль: 75%
0.00861
Низкий

4.3 Medium

CVSS2