Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-7848 | 5.0 |
RSS fields can inject new lines into the created email structure, modifying the message body. This vulnerability affects Thunderbird < 52.5.2.
|
09-08-2018 - 13:41 | 11-06-2018 - 21:29 | |
CVE-2017-7846 | 6.8 |
It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. via "View -> Feed article -> Website" or in the standard format of "View -> Feed article -> default format". This vulnerability affects Thunderbird
|
07-08-2018 - 12:35 | 11-06-2018 - 21:29 | |
CVE-2017-7847 | 4.3 |
Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. This vulnerability affects Thunderbird < 52.5.2.
|
07-08-2018 - 12:32 | 11-06-2018 - 21:29 | |
CVE-2017-7829 | 5.0 |
It is possible to spoof the sender's email address and display an arbitrary sender address to the email recipient. The real sender's address is not displayed if preceded by a null character in the display string. This vulnerability affects Thunderbir
|
07-08-2018 - 12:28 | 11-06-2018 - 21:29 |