Unknown · Jupyter Server Proxy · CVE-2022-21697
**Name of the Vulnerable Software and Affected Versions**
Jupyter Server Proxy versions prior to 3.2.1
**Description**
The vulnerability is a Server-Side Request Forgery (SSRF) caused by a lack of input validation, which allows authenticated clients to proxy requests to other hosts and bypass the `allowed hosts` check. It is considered low to moderate severity because exploitation requires authentication, and an authenticated user can already make the same requests via kernel or terminal execution. Any user deploying Jupyter Server or Notebook with the jupyter-server-proxy extension enabled is affected.
**Recommendations**
If you are running a version prior to 3.2.1, upgrade to version 3.2.1, which includes the patch.
As a temporary workaround, users can also install the patch manually.