CVE-2022-3032

UNKNOWN 0.0

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

When receiving an HTML email that contained an <code>iframe</code> element, which used a <code>srcdoc</code> attribute to define the inner HTML document, remote objects specified in the nested document, for example images or videos, were not blocked. Rather, the network was accessed, the objects were loaded and displayed. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.

Vendor	mozilla
Product	thunderbird
Ecosystems	Browser JavaScript
Industries	Technology
Published	Dec 22, 2022
Last Updated	Nov 19, 2024

Stay Ahead of the Next One

Get instant alerts for mozilla thunderbird

Be the first to know when new unknown vulnerabilities affecting mozilla thunderbird are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Mozilla / Thunderbird

unspecified < 102.2.1 unspecified < 91.13.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

mozilla.org: https://www.mozilla.org/security/advisories/mfsa2022-38/ mozilla.org: https://www.mozilla.org/security/advisories/mfsa2022-39/ bugzilla.mozilla.org: https://bugzilla.mozilla.org/show_bug.cgi?id=1783831