CVE-2021-32797 — Cross-site Scripting in Jupyterlab

CWE-79 — Cross-site Scripting CWE-75 — Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)CWE-87 — Improper Neutralization of Alternate XSS Syntax7 documents6 sources

Severity

9.6CRITICALNVD

CNA7.4

EPSS

0.9%

top 24.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Jupyterlab Jupyter Jupyterlab Jupyter Notebook

Timeline

PublishedAug 9

Latest updateJun 30

Description

JupyterLab is a user interface for Project Jupyter which will eventually replace the classic Jupyter Notebook. In affected versions untrusted notebook can execute code on load. In particular JupyterLab doesn’t sanitize the action attribute of html ``. Using this it is possible to trigger the form validation outside of the form itself. This is a remote code execution, but requires user action to open a notebook.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:HExploitability: 2.8 | Impact: 6.0

Affected Packages4 packages

▶PyPIjupyter/notebook6.0.0 — 6.4.1+1

▶NVDjupyter/jupyterlab2.0.0 — 2.2.10+4

▶CVEListV5jupyterlab/jupyterlab< 1.2.1+4

▶PyPIjupyterlab/jupyterlab2.0.0a0 — 2.2.10+9

🔴Vulnerability Details

OSV

JupyterLab: XSS due to lack of sanitization of the action attribute of an html <form>↗2021-08-23

▶

GHSA

JupyterLab: XSS due to lack of sanitization of the action attribute of an html <form>↗2021-08-23

▶

OSV

CVE-2021-32797: JupyterLab is a user interface for Project Jupyter which will eventually replace the classic Jupyter Notebook↗2021-08-09

▶

CVEList

JupyterLab: XSS due to lack of sanitization of the action attribute of an html <form>↗2021-08-09

▶

📋Vendor Advisories

Debian

CVE-2021-32797: jupyterlab - JupyterLab is a user interface for Project Jupyter which will eventually replace...↗2021

▶

📄Research Papers

arXiv

Threat Assessment in Machine Learning based Systems↗2022-06-30

▶