GHSA-6vxv-wg6j-5qwp

### Summary

Gogs renders Jupyter notebook files (`.ipynb`) using [jsvine/notebookjs](https://github.com/jsvine/notebookjs), but the version is outdated, missing patches for known XSS vulnerabilities.

### Details

Gogs uses version 0.4.2 of notebookjs to render Jupyter notebook files:

https://github.com/gogs/gogs/blob/7297aee50d4c115836c7de8a3a233daaef87b911/templates/base/head.tmpl#L47

The latest version of [jsvine/notebookjs](https://github.com/jsvine/notebookjs) is 0.8.3, patching many XSS vulnerabilities in its releases. The proof of concept below shows an example working payload that renders HTML through Markdown.

### PoC

1. Create a new repository 2. Create a file inside the repository named `xss.ipynb` and give it the following content:

```json {"cells": [{"cell_type": "markdown", "metadata": {}, "source": ["<img src=x onerror=\"alert(origin)\">"]}], "metadata": {}, "nbformat": 4, "nbformat_minor": 2} ```

<img width="1054" height="208" alt="image" src="https://github.com/user-attachments/assets/49b7f33c-c4df-4537-99e9-b1ea74f2c6de" />

3. Save the file and view the file in Gogs. Notice that the XSS popup triggers:

<img width="1317" height="407" alt="image" src="https://github.com/user-attachments/assets/3b18d870-7194-41b0-92db-687e952abc07" />

### Impact

Any user with rights to create repositories can create XSS payloads that take over the victim's account when visited. Either through their own exploration of the files or by directly linking them the vulnerable URL.