This issue is fixed in the upcoming version 2.2 with the patch available at .
The report indicates versions 0.12 to 2.1 are vulnerable to this flaw. The version of IPython shipped with EPEL5 (0.8.4) is not vulnerable to this issue as the vulnerable code that loads MathJax is not present.
Created ipython tracking bugs for this issue:
Affects: fedora-all [bug 1125938]
Affects: epel-6 [bug 1125939]