CVE-2021-43635

CVE-2021-43635 – Codex : A Cross-Site Scripting (XSS) vulnerability exists in Codex prior to 1.4.0, triggered via the Notebook/Page name field. The underlying issue is lack of proper input filtering/escaping in that field, allowing an attacker to execute arbitrary code through a crafted JSON file...