CVE-2018-8768

2018-03-18T02:29:00
ID CVE-2018-8768
Type cve
Reporter NVD
Modified 2018-04-20T11:38:53

Description

In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Specifically, invalid HTML is 'fixed' by jQuery after sanitization, making it dangerous.