PT-2024-34634 · Froala · Froala Wysiwyg Editor

Name of the Vulnerable Software and Affected Versions: Froala WYSIWYG editor versions 4.3.0 and earlier Description: The issue is related to inconsistent parsing of the tag, which allows for cross-site scripting XSS in the Froala WYSIWYG editor. Recommendations: For versions 4.3.0 and earlier,...

thunderbird: S/MIME plaintext can be leaked through HTML reply/forward

dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerability affects Thunderbird 52.9...