Cross-site Scripting (XSS)
JupyterLab is vulnerable to Cross-site Scripting XSS. The vulnerability is due to insufficient validation of data-commandlinker- attributes in sanitized HTML output, which allows an attacker to craft a malicious notebook containing a deceptive button that executes arbitrary JupyterLab commands,...