Impact
The vulnerability exists in jupyter/nbconvert versions up to 7.17.0. When an exported HTML notebook contains a cell that produces output of media type the rendering template inserts that output directly into the page without escaping. This permits an attacker to place malicious HTML or JavaScript inside the cell output, which is then executed in the browser of any user who opens the exported file. This is a cross‑site scripting (XSS) flaw, closely aligned with CWE‑79: an injection weakness that allows arbitrary script execution in the viewer's browser context and can lead to data theft, session hijacking, or other web‑based attacks.
Affected Systems
Affecting the Jupyter project’s nbconvert component, or earlier are vulnerable. The issue arises whenever a server uses nbconvert to convert notebooks to HTML, including JupyterHub instances, self‑hosted Jupyter servers, or any automatic export pipeline that processes notebooks.
Risk and Exploitability
The CVSS score of 5.4 indicates a moderate impact. No EPSS score is available, and the vulnerability is not listed in CISA KEV, suggesting no known large‑scale exploitation yet. Attackers would need to embed malicious content in a notebook that is later exported to HTML and accessed by a user. If such a notebook can be stored on the server, any visitor who opens the generated HTML will trigger the exploit. The threat is primarily to users viewing exported notebooks, not necessarily the server itself.
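As an added defensive check (not part of this advisory and not nbconvert's own code), the script below walks a notebook's output data across every media type and flags entries that contain script‑capable markup, so a server‑side export pipeline can hold such notebooks for review or escape them before a template inserts the output verbatim. The notebook JSON is constructed for the example, and the `text/html` media type used in it is an assumption, since the advisory does not name the affected type.

```python
import json
import re

# Constructed sample notebook in nbformat v4 layout (not from any real report):
# the second cell's output carries markup a browser would execute if inserted
# into an exported page without escaping. The text/html key is an assumption.
SAMPLE_NOTEBOOK = json.dumps({
    "nbformat": 4, "nbformat_minor": 5, "metadata": {},
    "cells": [
        {"cell_type": "code", "source": "x = 1", "metadata": {}, "outputs": [
            {"output_type": "execute_result", "execution_count": 1,
             "data": {"text/plain": ["1"]}, "metadata": {}}]},
        {"cell_type": "code", "source": "show()", "metadata": {}, "outputs": [
            {"output_type": "display_data", "metadata": {},
             "data": {"text/plain": ["<obj>"],
                      "text/html": ["<b>hi</b>", "<script>alert(1)</script>"]}}]},
    ],
})

# Markers of markup that can run script: script-bearing tags, inline event
# handler attributes, and javascript: URLs. Matching output deserves review
# or escaping before export with a template that inserts output verbatim.
_ACTIVE_MARKUP = re.compile(
    r"<\s*(script|iframe|object|embed)\b|\bon[a-z]+\s*=|javascript\s*:", re.I)


def _as_text(value):
    # nbformat allows output data to be a single string or a list of strings.
    return "".join(value) if isinstance(value, list) else str(value)


def find_risky_outputs(notebook_json):
    """Return (cell_index, media_type, matched_text) for every output entry,
    regardless of media type, whose content contains script-capable markup."""
    nb = json.loads(notebook_json)
    findings = []
    for idx, cell in enumerate(nb.get("cells", [])):
        for output in cell.get("outputs", []):
            for media_type, payload in output.get("data", {}).items():
                match = _ACTIVE_MARKUP.search(_as_text(payload))
                if match:
                    findings.append((idx, media_type, match.group(0)))
    return findings


if __name__ == "__main__":
    for cell_idx, media_type, hit in find_risky_outputs(SAMPLE_NOTEBOOK):
        print(f"cell {cell_idx}: {media_type} output contains {hit!r}")
```

A clean notebook yields an empty list, so the function can gate an automated export step directly.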
OpenCVE Enrichment