This vulnerability affects jupyter/nbconvert versions <= 7.17.0. The issue is located in the `data_mermaid` block within the `share/templates/lab/base.html.j2` template, which renders `text/vnd.mermaid` cell output directly into HTML without proper escaping. Because of this, an attacker can craft malicious notebook content that, when converted to HTML, injects arbitrary HTML or JavaScript code by breaking out of the `<pre>` tag. This results in Cross-site Scripting (CWE-79) that can execute arbitrary scripts in the context of users viewing the HTML export. The vulnerability requires at least low privileges (PR:L) and user interaction (UI:R) and impacts confidentiality and integrity with no impact on availability. The CVSS v3.0 base score is 5.4 (medium severity). No official patch or remediation guidance is currently available, and no known exploits are reported in the wild.

Successful exploitation allows an attacker to execute arbitrary JavaScript in the context of users viewing HTML exports of notebooks generated by nbconvert. This can lead to information disclosure or manipulation of the rendered content. The vulnerability affects confidentiality and integrity but does not impact availability. It requires user interaction and some privileges on the server to inject malicious content.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users should avoid rendering or sharing HTML exports of notebooks containing `text/vnd.mermaid` output from untrusted sources. Applying strict content sanitization or disabling rendering of `text/vnd.mermaid` output in HTML exports may reduce risk.