---

CVE-2018-19352 - log back

CVE-2018-19352 created at 25 Sep 2019 19:31:40
Severity	+ Medium
Remote	+ Local
Type	+ Cross-site scripting
Description	+ A security issue has been found in Jupyter Notebook versions prior to 5.7.2, where untrusted javascript could be executed if malicious files could be delivered to the users system and the user takes specific actions with those malicious files. It allowed maliciously crafted directory names to execute javascript when opened in the tree view.
References	+ https://blog.jupyter.org/jupyter-notebook-security-fixes-59817e86a711
Notes