Path traversal

2018-06-1121:29:00

PRIOn knowledge base

www.prio-n.com

5.5 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.7%

JSON

Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. This vulnerability affects Thunderbird < 52.5.2.

CPENameOperatorVersion
debian_linuxeq8.0
debian_linuxeq7.0
debian_linuxeq9.0
thunderbirdlt52.5.2
enterprise_linux_auseq7.4
enterprise_linux_desktopeq7.0
enterprise_linux_desktopeq6.0
enterprise_linux_euseq7.4
enterprise_linux_euseq7.5
enterprise_linux_servereq7.0

Name	Operator	Version
debian_linux	eq	8.0
debian_linux	eq	7.0
debian_linux	eq	9.0
thunderbird	lt	52.5.2
enterprise_linux_aus	eq	7.4
enterprise_linux_desktop	eq	7.0
enterprise_linux_desktop	eq	6.0
enterprise_linux_eus	eq	7.4
enterprise_linux_eus	eq	7.5
enterprise_linux_server	eq	7.0