Cross-site Scripting (XSS) in jupyter/nbconvert_CVE-2026-6658

5.4 / 10

MEDIUM

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Description

A vulnerability in jupyter/nbconvert versions <= 7.17.0 allows for Cross-site Scripting (XSS) via unsanitized `text/vnd.mermaid` output in HTML exports. The `data_mermaid` block in `share/templates/lab/base.html.j2` renders `text/vnd.mermaid` cell output directly into HTML without escaping, enabling attackers to inject arbitrary HTML/JavaScript by breaking out of the `<pre>` tag. This vulnerability impacts any server using nbconvert to render notebooks as HTML, allowing attackers to execute arbitrary JavaScript in the context of users viewing the HTML export.

Basic Information

ID CVE-2026-6658

Source @huntr_ai

Published Jun 26, 2026 at 09:40

Modified Jun 26, 2026 at 10:19

Affected Product

Vendor jupyter

Product jupyter/jupyter

Version unspecified

Affected Versions jupyter jupyter/jupyter unspecified

CWE Classification

CWE-79

References

huntr.com /bounties/47570290-3b26-4477-8cfa-fdef7db5aefe

{
    "lastseen": "",
    "description": "A vulnerability in jupyter/nbconvert versions <= 7.17.0 allows for Cross-site Scripting (XSS) via unsanitized `text/vnd.mermaid` output in HTML exports. The `data_mermaid` block in `share/templates/lab/base.html.j2` renders `text/vnd.mermaid` cell output directly into HTML without escaping, enabling attackers to inject arbitrary HTML/JavaScript by breaking out of the `<pre>` tag. This vulnerability impacts any server using nbconvert to render notebooks as HTML, allowing attackers to execute arbitrary JavaScript in the context of users viewing the HTML export.",
    "published": "2026-06-26T09:40:30.952Z",
    "modified": "2026-06-26T10:19:12.444Z",
    "type": "cve",
    "title": "Cross-site Scripting (XSS) in jupyter/nbconvert",
    "source": "@huntr_ai",
    "references": "https://huntr.com/bounties/47570290-3b26-4477-8cfa-fdef7db5aefe",
    "id": "CVE-2026-6658",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79"
    ],
    "cvelist": null,
    "sourceData": "jupyter jupyter/jupyter unspecified",
    "sourceHref": "",
    "cvss": {
        "score": 5.4,
        "severity": "MEDIUM",
        "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
        "version": "3.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "jupyter/jupyter",
    "version": "unspecified",
    "vendor": "jupyter",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}