5 matches found
CVE-2025-23205
nbgrader is a system for assigning and grading notebooks. Enabling frame-ancestors: 'self' grants any JupyterHub user the ability to extract formgrader content by sending malicious links to users with access to formgrader, at least when using the default JupyterHub configuration of enablesubdomai...
CVE-2025-23205 `frame-ancestors: self` grants all users access to formgrader in nbgrader
nbgrader is a system for assigning and grading notebooks. Enabling frame-ancestors: 'self' grants any JupyterHub user the ability to extract formgrader content by sending malicious links to users with access to formgrader, at least when using the default JupyterHub configuration of enablesubdomai...
CVE-2025-23205 `frame-ancestors: self` grants all users access to formgrader in nbgrader
nbgrader is a system for assigning and grading notebooks. Enabling frame-ancestors: 'self' grants any JupyterHub user the ability to extract formgrader content by sending malicious links to users with access to formgrader, at least when using the default JupyterHub configuration of enablesubdomai...
Improper Restriction of Rendered UI Layers or Frames
Overview nbgrader is an A system for assigning and grading notebooks Affected versions of this package are vulnerable to Improper Restriction of Rendered UI Layers or Frames due to the improper configuration of the frame-ancestors directive. An attacker can extract sensitive content by crafting...
nbgrader 安全漏洞
nbgrader is an open source notebook assignment and grading system from Project Jupyter. A security vulnerability exists in nbgrader that stems from the fact that nbgrader allows its content to be embedded in IFrames by default, and the default configuration of JupyterHub enablesubdomains = False...