Japan Total System多款产品 跨站脚本漏洞

Japan Total System GroupSession Free edition and others are an enterprise collaboration software from Japan Total System, Inc. A cross-site scripting vulnerability exists in various Japan Total System products, which stems from a stored cross-site scripting vulnerability that could result in...

PT-2018-14936 · Project Jupyter +2 · Jupyter Notebook +2

Name of the Vulnerable Software and Affected Versions: Jupyter Notebook versions prior to 5.7.1 Description: The issue allows for cross-site scripting XSS attacks via an untrusted notebook. This is because nbconvert responses are considered to have the same origin as the notebook server, enabling...