Safety vulnerability ID: 35626
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Cross-site scripting (XSS) vulnerability in IPython 3.x before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving JSON error messages and the /api/contents path.
Latest version: 8.30.0
IPython: Productive Interactive Computing
Cross-site scripting (XSS) vulnerability in IPython 3.x before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving JSON error messages and the /api/contents path.
MLIST:[oss-security] 20150622 Re: CVE request: IPython XSS in JSON error responses: http://www.openwall.com/lists/oss-security/2015/06/22/7
CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1235688: https://bugzilla.redhat.com/show_bug.cgi?id=1235688
CONFIRM:https://github.com/ipython/ipython/commit/7222bd53ad089a65fd610fab4626f9d0ab47dfce: https://github.com/ipython/ipython/commit/7222bd53ad089a65fd610fab4626f9d0ab47dfce
CONFIRM:https://github.com/ipython/ipython/commit/c2078a53543ed502efd968649fee1125e0eb549c: https://github.com/ipython/ipython/commit/c2078a53543ed502efd968649fee1125e0eb549c
CONFIRM:https://ipython.org/ipython-doc/3/whatsnew/version3.html: https://ipython.org/ipython-doc/3/whatsnew/version3.html
BID:75328: http://www.securityfocus.com/bid/75328
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application