Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-14044

Malware in sbrugna...

5.4CVSS5.4AI score0.00959EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2025/06/10 4:52 p.m.6 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

8.1CVSS7.5AI score0.00378EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/06/05 10:59 a.m.5 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

8.1CVSS7.5AI score0.00378EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/06/04 11:46 a.m.5 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

8.1CVSS7.5AI score0.00378EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/29 10:57 p.m.4 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

8.1CVSS7.5AI score0.00378EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/29 9:30 p.m.4 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

8.1CVSS7.5AI score0.00378EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/29 7:32 p.m.5 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

8.1CVSS7.5AI score0.00378EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/27 12:28 p.m.5 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

8.1CVSS7.5AI score0.00378EPSS
Exploits0References5
OSV
OSV
added 2024/03/06 10:59 a.m.14 views

BIT-MYBB-2021-27279

MyBB before 1.8.25 allows stored XSS via nested email tags with MyCode aka BBCode...

5.1AI score
Exploits0References3
Prion
Prion
added 2021/02/22 8:15 p.m.18 views

Design/Logic Flaw

MyBB before 1.8.25 allows stored XSS via nested email tags with MyCode aka BBCode...

3.5CVSS5.2AI score0.00959EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2021/02/22 7:4 p.m.45 views

CVE-2021-27279

MyBB before 1.8.25 allows stored XSS via nested email tags with MyCode aka BBCode...

5.4AI score0.00959EPSS
Exploits1References3
CVE
CVE
added 2021/02/22 7:4 p.m.73 views

CVE-2021-27279

CVE-2021-27279 affects MyBB prior to 1.8.25. The vulnerability is a stored XSS via nested [email] tags in MyCode (BBCode), enabling script injection when processing user-supplied content. Product: MyBB (forum software); affected version range: before 1.8.25. Root cause: improper sanitization of B...

5.4CVSS5.1AI score0.00959EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2021/02/22 12:0 a.m.5 views

PT-2021-17383 · Mybb · Mybb

Name of the Vulnerable Software and Affected Versions: MyBB versions prior to 1.8.25 Description: The issue allows stored XSS via nested email tags with MyCode aka BBCode. Recommendations: For versions prior to 1.8.25, update to version 1.8.25 or later to resolve the issue...

5.4CVSS5.1AI score0.00959EPSS
Exploits1References11
OSV
OSV
added 2020/08/12 4:15 p.m.1 views

DEBIAN-CVE-2020-12100

In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service resource consumption via a crafted e-mail message with deeply nested MIME parts...

7.5CVSS7AI score0.05215EPSS
Exploits2References1
Rows per page
Query Builder