Vulnerabilities > Jupyter > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-18 | CVE-2018-19352 | Cross-site Scripting vulnerability in Jupyter Notebook Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/static/tree/js/notebooklist.js handles certain URLs unsafely. | 6.1 |
| 2018-11-18 | CVE-2018-19351 | Cross-site Scripting vulnerability in Jupyter Notebook Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert responses are considered to have the same origin as the notebook server. | 6.1 |