EPSS
Percentile
19.4%
nbdime is vulnerable to cross-site scripting. The library does not properly sanitize input strings, allowing an attacker to inject and execute malicious javascript.
github.com/jupyter/nbdime/commit/e44a5cc7677f24b45ebafc756db49058c2f750ea
github.com/jupyter/nbdime/security/advisories/GHSA-p6rw-44q7-3fw4