=====================================================================

                            CERT-Renater

                Information Note No. 2026/VULN657
_____________________________________________________________________

DATE                : 19/06/2026

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running jupyter-server (pip) versions
                     prior to 2.20.

=====================================================================
https://github.com/jupyter-server/jupyter_server/security/advisories/GHSA-fcw5-x6j4-ccmp
_____________________________________________________________________

Stored XSS in `NbconvertFileHandler` / `NbconvertPostHandler` via
missing `sandbox` CSP

Severity: High
Published by Yann-P as GHSA-fcw5-x6j4-ccmp on Jun 17, 2026

Package
jupyter-server (pip)

Affected versions
<=2.19.0

Patched versions
2.20


Description

The nbconvert HTTP handlers in jupyter_server render user-authored
notebook HTML under the Jupyter origin without a sandbox directive
in their Content-Security-Policy.

Combined with nbconvert.HTMLExporter's default non-sanitizing
behavior, a notebook carrying an HTML payload in a display_data
output triggers stored XSS with cookie access, full /api/*
authority, and kernel RCE.


Impact

An authenticated victim who navigates to /nbconvert/html/<path>,
where the notebook at <path> contains attacker-authored output, can
have their token exfiltrated to another domain, because the injected
script executes in the Jupyter origin.


Patches

Fixed in v2.20.0, commit 6cbee8d


Workarounds

For deployments where editing the installed jupyter_server is
impractical (containerized builds, read-only images), adding the
following to jupyter_server_config.py has the same effect as the
patch referenced above without touching source files:

import jupyter_server.nbconvert.handlers as _nb

def _csp(self):
    # Append a sandbox directive to the CSP the parent class already builds.
    # Without allow-same-origin, the rendered HTML runs in an opaque origin,
    # so any script it carries cannot read cookies or reach /api/* with the
    # logged-in user's authority. super(type(self), self) skips the class the
    # property is installed on and resolves to the parent implementation.
    return super(type(self), self).content_security_policy + "; sandbox allow-scripts"

_nb.NbconvertFileHandler.content_security_policy = property(_csp)
_nb.NbconvertPostHandler.content_security_policy = property(_csp)
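As an added verification helper (not part of the advisory or of jupyter_server), the following script parses a Content-Security-Policy header and reports whether it actually confines the page to an opaque origin, which is what the patch and the workaround above rely on. The sample header values are constructed for this example, and check_nbconvert_csp together with its base_url and token arguments is an assumed helper for checking a live deployment.

```python
"""Decide whether a CSP header confines a rendered notebook to an opaque
origin, i.e. whether "sandbox" is present without "allow-same-origin"."""
from typing import Dict, List

# Constructed samples: the unpatched handlers' CSP, the patched/worked-around
# CSP, and a misconfiguration that re-grants the Jupyter origin to the page.
CSP_UNPATCHED = "frame-ancestors 'self'; report-uri /api/security/csp-report"
CSP_PATCHED = CSP_UNPATCHED + "; sandbox allow-scripts"
CSP_WEAK = CSP_UNPATCHED + "; sandbox allow-scripts allow-same-origin"


def parse_csp(header: str) -> Dict[str, List[str]]:
    """Split a CSP header into {directive-name: [tokens]} (names lower-cased)."""
    policy: Dict[str, List[str]] = {}
    for directive in header.split(";"):
        parts = directive.split()
        if not parts:
            continue
        # A repeated directive is ignored by browsers; keep the first one.
        policy.setdefault(parts[0].lower(), parts[1:])
    return policy


def isolates_origin(header: str) -> bool:
    """True if the page would run in an opaque origin: a sandbox directive is
    present and does not include allow-same-origin, so an injected script
    cannot read cookies or call /api/* with the victim's ambient authority."""
    policy = parse_csp(header)
    if "sandbox" not in policy:
        return False
    flags = {token.lower() for token in policy["sandbox"]}
    return "allow-same-origin" not in flags


def check_nbconvert_csp(base_url: str, notebook_path: str, token: str) -> bool:
    """Assumed helper: fetch /nbconvert/html/<path> from a running server and
    evaluate the CSP it returns. base_url and token are deployment inputs."""
    import urllib.request
    url = f"{base_url.rstrip('/')}/nbconvert/html/{notebook_path.lstrip('/')}"
    req = urllib.request.Request(url, headers={"Authorization": f"token {token}"})
    with urllib.request.urlopen(req) as resp:
        return isolates_origin(resp.headers.get("Content-Security-Policy", ""))


if __name__ == "__main__":
    for name, csp in (("unpatched", CSP_UNPATCHED), ("patched", CSP_PATCHED),
                      ("weak", CSP_WEAK)):
        print(f"{name:10s} isolated={isolates_origin(csp)}")
```

Run check_nbconvert_csp against a test notebook on a staging server after upgrading or applying the workaround; a False result means the rendered HTML still runs in the Jupyter origin.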

Severity
High (CVSS v4 base score 8.6 / 10)

CVSS v4 base metrics

Exploitability Metrics
  Attack Vector:        Local
  Attack Complexity:    Low
  Attack Requirements:  None
  Privileges Required:  Low
  User Interaction:     Active

Vulnerable System Impact Metrics
  Confidentiality:      High
  Integrity:            High
  Availability:         High

Subsequent System Impact Metrics
  Confidentiality:      High
  Integrity:            High
  Availability:         High

Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

CVE ID
CVE-2026-44727

Weaknesses
Weakness CWE-79
Weakness CWE-1021

Credits

    @pikaball  (Finder)
    @y011d4    (Finder)
    @0xHunSec  (Finder)
    @Yann-P    (Remediation developer)
    @Carreau   (Other)

=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================
