PT-2025-4845
Published: 2025-01-17 · Updated: 2025-01-17 · CVE-2025-23205
CVSS v4.0: 6.9 (Medium)
Vector: AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: nbgrader versions prior to 0.9.5

Description: The issue allows any JupyterHub user to extract formgrader content by sending malicious links to users with access to formgrader, at least when using the default JupyterHub configuration of enable_subdomains = False. This is possible because enabling frame-ancestors: 'self' grants access to the contents of the page served by formgrader using the victim's credentials. If a user, for example Alice, crafts a page embedding formgrader in an IFrame and another user, Bob, visits that page, his credentials will be sent and the formgrader page loaded, giving Alice's page full access to the contents of the page served by formgrader.

Recommendations: For versions prior to 0.9.5, upgrade to release 0.9.5 to address the issue. As a temporary workaround, consider disabling frame-ancestors: self. Alternatively, enable per-user and per-service subdomains with JupyterHub.enable_subdomains = True to prevent the host page from accessing the contents of the frame, even if embedding in an IFrame is allowed.
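As an added example (not nbgrader's or JupyterHub's own code), a check a hub administrator can run over the response headers of a formgrader page to tell whether same-origin framing, the condition the advisory describes, is still permitted; the header sets used are constructed.

```python
"""Audit whether a formgrader response can be framed by a same-origin page.

Added example, not nbgrader or JupyterHub code. With the default
enable_subdomains = False all hub users share one origin, so a policy of
frame-ancestors 'self' lets any other user's page embed formgrader.
"""


def parse_csp(header: str) -> dict[str, list[str]]:
    """Split a Content-Security-Policy value into {directive: [sources]}."""
    policy: dict[str, list[str]] = {}
    for directive in header.split(";"):
        tokens = directive.strip().split()
        if tokens:
            policy[tokens[0].lower()] = [t.lower() for t in tokens[1:]]
    return policy


def frameable_by_same_origin(headers: dict[str, str]) -> bool:
    """True if a same-origin page could embed this response in an iframe."""
    lower = {k.lower(): v for k, v in headers.items()}
    csp = parse_csp(lower.get("content-security-policy", ""))
    if "frame-ancestors" in csp:
        # When frame-ancestors is present, browsers ignore X-Frame-Options.
        # 'self', '*' and bare scheme sources (https:) all admit same origin;
        # an empty list or 'none' admits nothing.
        sources = csp["frame-ancestors"]
        return any(s in ("'self'", "*") or s.endswith(":") for s in sources)
    xfo = lower.get("x-frame-options", "").strip().upper()
    # DENY blocks all framing; SAMEORIGIN or no header allows same origin.
    return xfo != "DENY"


def audit(headers: dict[str, str]) -> str:
    """Summarise the framing posture in terms of the advisory's fixes."""
    if not frameable_by_same_origin(headers):
        return "ok: same-origin framing blocked"
    return ("exposed: formgrader can be embedded by other hub users; "
            "upgrade nbgrader to 0.9.5, drop frame-ancestors 'self', or "
            "set JupyterHub.enable_subdomains = True")


if __name__ == "__main__":
    # Constructed header sets: nbgrader < 0.9.5 default vs. a hardened one.
    vulnerable = {"Content-Security-Policy": "frame-ancestors 'self'"}
    hardened = {"Content-Security-Policy": "frame-ancestors 'none'"}
    print(audit(vulnerable))
    print(audit(hardened))
```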

Weakness Enumeration

Clickjacking
Exposure of Resource to Wrong Sphere

Related Identifiers

CVE-2025-23205
GHSA-FCR8-4R9F-R66M

Affected Products

Jupyterhub
Nbgrader