3 matches found
Astra Linux – Vulnerability in Firefox and Thunderbird
Documents loaded with the CSP sandbox directive could have escaped the sandbox’s script restrictions by embedding additional content. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...
Mozilla: JavaScript unexpectedly enabled for the composition area
Thunderbird unexpectedly enabled JavaScript in the composition area. The JavaScript execution context was limited to this area and did not receive chrome-level privileges, but could be used as a stepping stone to further an attack with other vulnerabilities. This vulnerability affects Thunderbird...
Mozilla: External protocol handler parameters were unescaped
When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...