CVE-2025-23205MEDIUMCVSS 6.9v= 0.9.42025-01-17
CVE-2025-23205 [MEDIUM] CWE-668 CVE-2025-23205: nbgrader is a system for assigning and grading notebooks. Enabling frame-ancestors: 'self' grants an
nbgrader is a system for assigning and grading notebooks. Enabling frame-ancestors: 'self' grants any JupyterHub user the ability to extract formgrader content by sending malicious links to users with access to formgrader, at least when using the default JupyterHub configuration of `enable_subdomains = False`. #1915 disables a protection which would
cvelistv5ghsanvdosv