Cross-site scripting (XSS) vulnerability in IPython 3.x before 3.2 allows
remote attackers to inject arbitrary web script or HTML via vectors
involving JSON error messages and the /api/contents path.
Author | Note |
---|---|
tyhicks | /api/contents only affects 3.0 through 3.1 |