{"id":"PYSEC-2026-688","summary":"JupyterLab: XSS due to lack of sanitization of the action attribute of an html \u003cform\u003e","details":"### Impact\n\nUntrusted notebook can execute code on load. This is a remote code execution, but requires user action to open a notebook.\n\n### Patches\n\nPatched in the following versions: 3.1.4, 3.0.17, 2.3.2, 2.2.10, 1.2.21.\n\n### References\n\n[OWASP Page on Restricting Form Submissions](https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html)\n\n### For more information\n\nIf you have any questions or comments about this advisory, or vulnerabilities to report, please email our security list security@ipython.org.\n\nCredit: Guillaume Jeanne from Google\n","aliases":["BIT-jupyterlab-2021-32797","CVE-2021-32797","GHSA-4952-p58q-6crx","PYSEC-2021-130"],"modified":"2026-07-06T08:11:30.661358280Z","published":"2026-07-02T14:13:10.480332Z","references":[{"type":"WEB","url":"https://github.com/google/security-research/security/advisories/GHSA-c469-p3jp-2vhx"},{"type":"WEB","url":"https://github.com/jupyterlab/jupyterlab/security/advisories/GHSA-4952-p58q-6crx"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-32797"},{"type":"WEB","url":"https://github.com/jupyterlab/jupyterlab/commit/504825938c0abfa2fb8ff8d529308830a5ae42ed"},{"type":"WEB","url":"https://github.com/pypa/advisory-database/tree/main/vulns/jupyterlab/PYSEC-2021-130.yaml"},{"type":"PACKAGE","url":"https://pypi.org/project/notebook"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-4952-p58q-6crx"}],"affected":[{"package":{"name":"notebook","ecosystem":"PyPI","purl":"pkg:pypi/notebook"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.7.11"},{"introduced":"6.0.0"},{"fixed":"6.4.1"}]}],"versions":["0.0.0","4.0.0","4.0.1","4.0.2","4.0.4","4.0.5","4.0.6","4.1.0","4.2.0","4.2.0b1","4.2.1","4.2.2","4.2.3","4.3.0","4.3.1","4.3.2","4.4.0","4.4.1","5.0.0","5.0.0b1","5.0.0b2","5.0.0rc1","5.0.0rc2","5.1.0","5.1.0rc1","5.1.0rc2","5.1.0rc3","5.2.0","5.2.0rc1","5.2.1","5.2.1rc1","5.2.2","5.3.0","5.3.0rc1","5.3.1","5.4.0","5.4.1","5.5.0","5.5.0rc1","5.6.0","5.6.0rc1","5.7.0","5.7.1","5.7.10","5.7.2","5.7.3","5.7.4","5.7.5","5.7.6","5.7.8","5.7.9","6.0.0","6.0.1","6.0.2","6.0.3","6.1.0","6.1.0rc1","6.1.1","6.1.2","6.1.3","6.1.4","6.1.5","6.1.6","6.2.0","6.3.0","6.4.0","6.4.0a0","6.4.0a1","6.4.0rc0"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/notebook/PYSEC-2026-688.yaml"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"},{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"}]}