VulnerableCode Vulnerability Details - VCID-7bwr-bsbp-rqgc

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-7bwr-bsbp-rqgc

Essentials
Severities (1)
References (7)
Severity details (1)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-7bwr-bsbp-rqgc
Aliases	CVE-2021-32798 GHSA-hwvq-6gjx-j797 PYSEC-2021-118
Summary	cross-site scripting
Status	Published
Exploitability	None
Weighted Severity	None
Risk	None
Affected and Fixed Packages	Package Details

Weaknesses (5)

CWE-75	Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
CWE-79	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-80	Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
archlinux	High	https://security.archlinux.org/AVG-2267

Reference id	Reference type	URL
		https://github.com/jupyter/notebook
		https://github.com/jupyter/notebook/commit/79fc76e890a8ec42f73a3d009e44ef84c14ef0d5
		https://github.com/jupyter/notebook/security/advisories/GHSA-hwvq-6gjx-j797
		https://github.com/pypa/advisory-database/tree/main/vulns/notebook/PYSEC-2021-118.yaml
AVG-2267		https://security.archlinux.org/AVG-2267
CVE-2021-32798		https://nvd.nist.gov/vuln/detail/CVE-2021-32798
GHSA-hwvq-6gjx-j797		https://github.com/advisories/GHSA-hwvq-6gjx-j797

No exploits are available.

No EPSS data available for this vulnerability.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-01T19:57:35.201075+00:00	Arch Linux Importer	Import	https://security.archlinux.org/AVG-2267	38.6.0