5 matches found
CVE-2026-57963 Chat UI manipulation by injection
An attacker who can send HTML chat messages via Matrix or XMPP can inject arbitrary styled content, phishing links, and CSS that manipulates the chat UI. This vulnerability was fixed in Thunderbird 152.0.1 and Thunderbird 140.12.1...
Mozilla Thunderbird < 152.0.1
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 152.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-63 advisory. - An attacker who can send HTML chat messages via Matrix or XMPP can inject arbitrary styled content,...
Mozilla Thunderbird < 152.0.1
The version of Thunderbird installed on the remote Windows host is prior to 152.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-63 advisory. - An attacker who can send HTML chat messages via Matrix or XMPP can inject arbitrary styled content, phishing...
Linux Distros Unpatched Vulnerability : CVE-2024-28593
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Chat activity in Moodle 4.3.3 allows students to insert a potentially unwanted HTML A element or IMG element, or HTML content that leads to a performance...
CVE-2025-0747
CVE-2025-0747 concerns a stored cross-site scripting vulnerability in EmbedAI. According to the sources, an authenticated attacker can inject malicious JavaScript into a chat message, which is executed when a user opens the chat. Documents from NVD/CVE lists describe the vulnerability and impact ...