Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:18 a.m.7 views

CVE-2025-23205

nbgrader is a system for assigning and grading notebooks. Enabling frame-ancestors: 'self' grants any JupyterHub user the ability to extract formgrader content by sending malicious links to users with access to formgrader, at least when using the default JupyterHub configuration of enablesubdomai...

6.9CVSS6.8AI score0.00453EPSS
Exploits0References1
NVD
NVD
added 2025/01/17 9:15 p.m.6 views

CVE-2025-23205

nbgrader is a system for assigning and grading notebooks. Enabling frame-ancestors: 'self' grants any JupyterHub user the ability to extract formgrader content by sending malicious links to users with access to formgrader, at least when using the default JupyterHub configuration of enablesubdomai...

6.9CVSS0.00453EPSS
Exploits0References4
Circl
Circl
added 2025/01/17 8:57 p.m.8 views

CVE-2025-23205

creationtimestamp| type| source ---|---|--- 2025-01-17 20:57:55+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/2209 2025-01-17 21:15:49+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfxpp44wsa2r 2025-01-17 22:39:14+00:00| seen|...

6.9CVSS5.7AI score0.00453EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/01/17 8:23 p.m.5 views

CVE-2025-23205 `frame-ancestors: self` grants all users access to formgrader in nbgrader

nbgrader is a system for assigning and grading notebooks. Enabling frame-ancestors: 'self' grants any JupyterHub user the ability to extract formgrader content by sending malicious links to users with access to formgrader, at least when using the default JupyterHub configuration of enablesubdomai...

6.9CVSS6.8AI score0.00453EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/01/17 8:23 p.m.15 views

CVE-2025-23205 `frame-ancestors: self` grants all users access to formgrader in nbgrader

nbgrader is a system for assigning and grading notebooks. Enabling frame-ancestors: 'self' grants any JupyterHub user the ability to extract formgrader content by sending malicious links to users with access to formgrader, at least when using the default JupyterHub configuration of enablesubdomai...

6.9CVSS0.00453EPSS
Exploits0References4
OSV
OSV
added 2025/01/17 8:23 p.m.6 views

CVE-2025-23205 `frame-ancestors: self` grants all users access to formgrader in nbgrader

nbgrader is a system for assigning and grading notebooks. Enabling frame-ancestors: 'self' grants any JupyterHub user the ability to extract formgrader content by sending malicious links to users with access to formgrader, at least when using the default JupyterHub configuration of enablesubdomai...

6.9CVSS6.5AI score0.00453EPSS
Exploits0References6
CVE
CVE
added 2025/01/17 8:23 p.m.49 views

CVE-2025-23205

CVE-2025-23205 affects nbgrader. Enabling frame-ancestors: 'self' can allow any JupyterHub user to extract content from the formgrader iframe when default JupyterHub config enable_subdomains is False, enabling an attacker to load the formgrader page with another user’s credentials. The issue has ...

6.9CVSS6.9AI score0.00453EPSS
Exploits0References4
Rows per page
Query Builder