CVE-2024-35225 | jupyterhub jupyter-server-proxy up to 3.2.3/4.2.0 /proxy host cross site scripting (GHSA-fvcq-4×64-hqxr)

Posted by Angelo Barbosa | Jun 12, 2024 | CVE

A vulnerability was found in jupyterhub jupyter-server-proxy up to 3.2.3/4.2.0 and classified as problematic. This issue affects some unknown processing of the file /proxy. The manipulation of the argument host leads to cross site scripting.

The identification of this vulnerability is CVE-2024-35225. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-35225 | jupyterhub jupyter-server-proxy up to 3.2.3/4.2.0 /proxy host cross site scripting (GHSA-fvcq-4×64-hqxr)

Related Posts

CVE-2024-36241 | Mattermost up to 8.1.12/9.5.3/9.6.1 Playbook Add Slash Command access control

CVE-2024-1744 | Ariva Computer Accord ORS up to 7.3.2.0 information disclosure

CVE-2024-28999 | SolarWinds Platform up to 2024.1.1 Web Console race condition

CVE-2024-33998 | Moodle Participants Page User Name cross site scripting