Missing Websocket Authentication
Discription
Jupyter Server Proxy is vulnerable to Missing Websocket Authentication. The vulnerability is caused due to improper user authentication checks when proxying websockets within handlers.py. This allows an attacker to gain unauthenticated remote access to any websocket endpoint made accessible via the Jupyter Server Proxy, which can result in Remote Code…Read More
References
Back to Main