CVE-2025-23205

Description

nbgrader is a system for assigning and grading notebooks. Enabling frame-ancestors: 'self' grants any JupyterHub user the ability to extract formgrader content by sending malicious links to users with access to formgrader, at least when using the default JupyterHub configuration of `enable_subdomains = False`. #1915 disables a protection which would allow user Alice to craft a page embedding formgrader in an IFrame. If Bob visits that page, his credentials will be sent and the formgrader page loaded. Because Alice's page is on the same Origin as the formgrader iframe, Javasript on Alice's page has _full access_ to the contents of the page served by formgrader using Bob's credentials. This issue has been addressed in release 0.9.5 and all users are advised to upgrade. Users unable to upgrade may disable `frame-ancestors: self`, or enable per-user and per-service subdomains with `JupyterHub.enable_subdomains = True` (then even if embedding in an IFrame is allowed, the host page does not have access to the contents of the frame).

Weakness Type (CWE)

CWE-668 CWE-668

References

Other References

https://github.com/jupyter/nbgrader/commit/73e137511ac1dc02e95790d4fd6d4d88dab42325 https://github.com/jupyter/nbgrader/pull/1915 https://github.com/jupyter/nbgrader/security/advisories/GHSA-fcr8-4r9f-r66m https://jupyterhub.readthedocs.io/en/stable/explanation/websecurity.html#:~:text=frame-ancestors

Frequently Asked Questions

What is CVE-2025-23205? +

nbgrader is a system for assigning and grading notebooks. Enabling frame-ancestors: 'self' grants any JupyterHub user the ability to extract formgrader content by sending malicious links to users with access to formgrader, at least when using the default JupyterHub configuration of `enable_subdomains = False`. #1915 disables a protection which would allow user Alice to craft a page embedding formgrader in an IFrame. If Bob visits that page, his credentials will be sent and the formgrader page loaded. Because Alice's page is on the same Origin as the formgrader iframe, Javasript on Alice's page has _full access_ to the contents of the page served by formgrader using Bob's credentials. This issue has been addressed in release 0.9.5 and all users are advised to upgrade. Users unable to upgrade may disable `frame-ancestors: self`, or enable per-user and per-service subdomains with `JupyterHub.enable_subdomains = True` (then even if embedding in an IFrame is allowed, the host page does not have access to the contents of the frame).

How do I check if I'm vulnerable to CVE-2025-23205? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2026-46723

The additional_tables configuration of the page and tt_content indexers accepts arbitrary table and field names. A backend user with permission …

CVE-2025-32428

Jupyter Remote Desktop Proxy allows you to run a Linux Desktop on a JupyterHub. jupyter-remote-desktop-proxy was meant to rely on …

CVE-2026-42875

External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. Prior to 2.4.0, …

CVE-2026-34094

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Page/Article.Php. This issue affects MediaWiki: from * before …

CVE-2025-54502

Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with …

CVE-2025-3651

Improper Verification of Source of a Communication Channel in Work Desktop for Mac versions 10.8.1.46 and earlier allows attackers to …