EPSS
Percentile
47.0%
notebook is vulnerable to a cross-site scripting (XSS) attack. The library does not properly sanitize URLs passed through a directory name, allowing a malicious user to inject and execute arbitrary Javascript.
github.com/jupyter/notebook/blob/master/docs/source/changelog.rst
github.com/jupyter/notebook/commit/ad25be985c55f66ef2105f712cb915708d568e29