CVE-2018-12374

Summary

Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. This vulnerability affects Thunderbird < 52.9.

Affected Software

VendorProductVersion RangeStatus
MozillaThunderbirdunspecified < 52.9affected

Weaknesses

  • Using form to exfiltrate encrypted mail part by pressing enter in form field

ADP Enrichment

CVE Program Container

Additional References

References