Описание
When receiving an HTML email that specified to load an iframe element from a remote location, a request to the remote document was sent. However, Thunderbird didn't display the document. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1:102.2.2+build1-0ubuntu0.18.04.1 |
| devel | not-affected | 1:102.3.3+build1-0ubuntu1 |
| esm-infra/focal | DNE | |
| focal | released | 1:102.2.2+build1-0ubuntu0.20.04.1 |
| jammy | released | 1:102.2.2+build1-0ubuntu0.22.04.1 |
| kinetic | ignored | end of life, was needs-triage |
| lunar | not-affected | 1:102.3.3+build1-0ubuntu1 |
| trusty | ignored | end of standard support |
| upstream | released | 91.13.1 |
| xenial | ignored | end of standard support |
Показывать по
EPSS
4.3 Medium
CVSS3
Связанные уязвимости
When receiving an HTML email that specified to load an <code>iframe</code> element from a remote location, a request to the remote document was sent. However, Thunderbird didn't display the document. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.
When receiving an HTML email that specified to load an <code>iframe</code> element from a remote location, a request to the remote document was sent. However, Thunderbird didn't display the document. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.
When receiving an HTML email that specified to load an <code>iframe</c ...
When receiving an HTML email that specified to load an <code>iframe</code> element from a remote location, a request to the remote document was sent. However, Thunderbird didn't display the document. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.
Уязвимость изолированной среды iframe почтового клиента Thunderbird, позволяющая нарушителю обойти существующие ограничения безопасности
EPSS
4.3 Medium
CVSS3