Lucene search
K

6 matches found

OSV
OSV
added 2025/04/29 2:15 p.m.3 views

CVE-2025-4088

A security vulnerability in Thunderbird allowed malicious sites to use redirects to send credentialed requests to arbitrary endpoints on any site that had invoked the Storage Access API. This enabled potential Cross-Site Request Forgery attacks across origins. This vulnerability affects Firefox 1...

6.5CVSS5.8AI score0.00153EPSS
Exploits0References3
NVD
NVD
added 2025/04/29 2:15 p.m.14 views

CVE-2025-4088

A security vulnerability in Thunderbird allowed malicious sites to use redirects to send credentialed requests to arbitrary endpoints on any site that had invoked the Storage Access API. This enabled potential Cross-Site Request Forgery attacks across origins. This vulnerability was fixed in...

6.5CVSS0.00153EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2025/04/29 2:15 p.m.2 views

CVE-2025-4088

A security vulnerability in Thunderbird allowed malicious sites to use redirects to send credentialed requests to arbitrary endpoints on any site that had invoked the Storage Access API. This enabled potential Cross-Site Request Forgery attacks across origins. This vulnerability affects Firefox 1...

6.5CVSS6.7AI score0.00153EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/04/29 2:15 p.m.3 views

CVE-2025-4088

A security vulnerability in Thunderbird allowed malicious sites to use redirects to send credentialed requests to arbitrary endpoints on any site that had invoked the Storage Access API. This enabled potential Cross-Site Request Forgery attacks across origins. This vulnerability was fixed in...

6.5CVSS6.4AI score0.00153EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/04/29 1:13 p.m.7 views

CVE-2025-4088 Cross-site request forgery via storage access API redirects

A security vulnerability in Thunderbird allowed malicious sites to use redirects to send credentialed requests to arbitrary endpoints on any site that had invoked the Storage Access API. This enabled potential Cross-Site Request Forgery attacks across origins. This vulnerability was fixed in...

6.3AI score0.00153EPSS
Exploits0References3
CVE
CVE
added 2025/04/29 1:13 p.m.74 views

CVE-2025-4088

CVE-2025-4088 describes a cross-origin CSRF issue in Thunderbird (and affected Firefox) where malicious sites could exploit Redirects via the Storage Access API to send credentialed requests to arbitrary endpoints. Affected products: Firefox < 138 and Thunderbird

6.5CVSS6.3AI score0.00153EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder