DescriptionIPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
- openSUSE-SU-2014:1060-1, published Sat, 23 Aug 2014 02:05:20 +0200 (CEST)