This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Kyle Kelley reports :
Summary: JSON error responses from the IPython notebook REST API
contained URL parameters and were incorrectly reported as text/html
instead of application/json. The error messages included some of these
URL params, resulting in a cross site scripting attack. This affects
users on Mozilla Firefox but not Chromium/Google Chrome.
API paths with issues :
- /api/contents (3.0-3.1)
- /api/notebooks (2.0-2.4, 3.0-3.1)
See also :
Update the affected package.
Risk factor :
Medium / CVSS Base Score : 4.3