Cross site scripting (XSS) in JupyterHub via Self-XSS leveraged by Cookie Tossing
Impact Affected configurations: - Single-origin JupyterHub deployments - JupyterHub deployments with user-controlled applications running on subdomains or peer subdomains of either the Hub or a single-user server. By tricking a user into visiting a malicious subdomain, the attacker can achieve an...