Cross-site scripting (XSS) vulnerability in Mozilla...
Moderate severity
Unreviewed
Published
May 17, 2022
to the GitHub Advisory Database
•
Updated Jan 27, 2023
Description
Published by the National Vulnerability Database
Feb 17, 2014
Published to the GitHub Advisory Database
May 17, 2022
Last updated
Jan 27, 2023
Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird ESR 17.x through 17.0.10, and SeaMonkey before 2.20 allows user-assisted remote attackers to inject arbitrary web script or HTML via an e-mail message containing a data: URL in a (1) OBJECT or (2) EMBED element, a related issue to CVE-2013-6674.
References