Описание
Thunderbird executed javascript: URLs when used in object and embed tags. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.
Thunderbird executed javascript: URLs when used in object and embed tags. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-8029
- https://bugzilla.mozilla.org/show_bug.cgi?id=1928021
- https://www.mozilla.org/security/advisories/mfsa2025-56
- https://www.mozilla.org/security/advisories/mfsa2025-58
- https://www.mozilla.org/security/advisories/mfsa2025-59
- https://www.mozilla.org/security/advisories/mfsa2025-61
- https://www.mozilla.org/security/advisories/mfsa2025-62
- https://www.mozilla.org/security/advisories/mfsa2025-63
Связанные уязвимости
Firefox executed `javascript:` URLs when used in `object` and `embed` tags. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.
Thunderbird executed `javascript:` URLs when used in `object` and `embed` tags. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.
Firefox executed `javascript:` URLs when used in `object` and `embed` tags. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.
Thunderbird executed `javascript:` URLs when used in `object` and `emb ...
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с неверным управлением генерацией кода, позволяющая нарушителю оказать воздействие на конфиденциальность и целостность защищаемой информации