48 matches found
Zimbra Collaboration Suite - Cross-site Scripting
Cross-site scripting XSS vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite ZCS before 8.7 Patch 1 and 8.8.x before 8.8.7 might allow remote attackers to inject arbitrary web script or HTML via a Content-Location header in an email attachment. id:...
CVE-2025-55030
Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks This vulnerability affects Firefox for iOS 142...
CVE-2025-55032
Focus for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline, potentially allowing for XSS attacks. This vulnerability was fixed in Focus for iOS 142...
CVE-2025-55032 Focus incorrectly ignores Content-Disposition headers for some MIME types
Focus for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline, potentially allowing for XSS attacks. This vulnerability was fixed in Focus for iOS 142...
CVE-2025-55030
CVE-2025-55030 concerns Firefox for iOS where a mis-handling of the Content-Disposition header (Attachment) allows inline content display and potential XSS. Affected: Firefox for iOS versions prior to 142. Root cause: improper handling of the Content-Disposition header for certain MIME types. Imp...
CVE-2025-55030 Content-Disposition headers incorrectly ignored for some MIME types
Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks. This vulnerability was fixed in Firefox for iOS 142...
thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link
The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...
thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link
The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...
thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking
The Mozilla Foundation's Security Advisory describes the following issue: It is possible to craft an email that shows a tracking link as an attachment. If the user attempts to open the attachment, Thunderbird automatically accesses the link. The configuration to block remote content does not...
thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking
The Mozilla Foundation's Security Advisory describes the following issue: It is possible to craft an email that shows a tracking link as an attachment. If the user attempts to open the attachment, Thunderbird automatically accesses the link. The configuration to block remote content does not...
thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link
The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...
thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking
The Mozilla Foundation's Security Advisory describes the following issue: It is possible to craft an email that shows a tracking link as an attachment. If the user attempts to open the attachment, Thunderbird automatically accesses the link. The configuration to block remote content does not...
thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking
The Mozilla Foundation's Security Advisory describes the following issue: It is possible to craft an email that shows a tracking link as an attachment. If the user attempts to open the attachment, Thunderbird automatically accesses the link. The configuration to block remote content does not...
thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking
The Mozilla Foundation's Security Advisory describes the following issue: It is possible to craft an email that shows a tracking link as an attachment. If the user attempts to open the attachment, Thunderbird automatically accesses the link. The configuration to block remote content does not...
The vulnerability of the Thunderbird email client, related to bypassing authentication through spamming, allows a hacker to execute arbitrary code.
The vulnerability of the Thunderbird email client relates to bypassing authentication through spamming when processing the X-Mozilla-External-Attachment-URL header. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Mozilla Thunderbird Cross-Site Scripting Vulnerability (CNVD-2025-18673)
Mozilla Thunderbird is the United States Mozilla Foundation's set of independent from the Mozilla Application Suite e-mail client software. The program supports IMAP, POP mail protocols and HTML mail format. A cross-site scripting vulnerability exists in Mozilla Thunderbird, which stems from...
SUSE CVE-2025-3932
It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web...
CVE-2025-3909
Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to application/pdf, Thunderbird may incorrectly render it as HTML when opened,...
DEBIAN-CVE-2025-3932
It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web...
DEBIAN-CVE-2025-3909
Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to application/pdf, Thunderbird may incorrectly render it as HTML when opened,...