EUVD-2018-4348

Malware in sbrugna...

CVE-2018-12374

Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. This vulnerability affects Thunderbird 52.9...

thunderbird: Using form to exfiltrate encrypted mail part by pressing enter in form field

Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. This vulnerability affects Thunderbird 52.9...

UBUNTU-CVE-2018-12372

Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird 52.9...

Mozilla: Encrypted mail leaks plaintext through src attribute

Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR 52.8 and Thunderbird 52.8...

Open-Xchange: OX (Guard): Stored Cross-Site Scripting via Email Attachment

Summary Improper handling of email attachments by "OX Guard" causes a Stored Cross-Site Scripting XSS vulnerability inside the OX "Mail" module. Injected code will be executed when the victim opens the HTML attachment of a decrypted email by using the "Open in browser" link/button. Proof of Conce...