VYPR

CWE-75

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)

Class · Draft

Description

The product does not adequately filter user-controlled input for special elements with control implications.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-81 · CAPEC-93

CVEs mapped to this weakness (21)

page 2 of 2
  • CVE-2021-32797 · Aug 9, 2021
    risk 0.00 · cvss · epss 0.03

    JupyterLab is a user interface for Project Jupyter which will eventually replace the classic Jupyter Notebook. In affected versions, an untrusted notebook can execute code on load. In particular, JupyterLab doesn’t sanitize the action attribute of HTML `<form>`. Using this it is…