2 matches found
CVE-2026-54527
CVE-2026-54527 affects the jupyterlab-git extension. The PlainTextDiff.ts createHeader() renders renamed-file headers by directly inserting Git filenames into innerHTML, enabling stored XSS that can lead to remote code execution. Affected range is before 0.54.0, with fix released in 0.54.0. Explo...
CVE-2026-54527
creationtimestamp| type| source ---|---|--- 2026-06-18 07:12:58+00:00| published-proof-of-concept| https://github.com/jupyterlab/jupyterlab-git/security/advisories/GHSA-f962-v9hr-pfg5 2026-07-08 22:02:05+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mq64oaqtfb24 2026-07-09...