When receiving an HTML email that contained an <code>iframe</code> element, which used a <code>srcdoc</code> attribute to define the inner HTML document, remote objects specified in the nested document, for example images or videos, were not blocked. Rather, the network was accessed, the objects were loaded and displayed. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mozilla
Published: 2022-12-22T00:00:00
Updated: 2024-08-03T00:53:00.746Z
Reserved: 2022-08-29T00:00:00
Link: CVE-2022-3032
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-12-22T20:15:37.763
Modified: 2024-02-09T02:47:57.353
Link: CVE-2022-3032
Redhat