Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Thunderbird 注入漏洞
Vulnerability Description
Mozilla Thunderbird是美国Mozilla基金会的一套从Mozilla Application Suite独立出来的电子邮件客户端软件。该软件支持IMAP、POP邮件协议以及HTML邮件格式。 Mozilla Thunderbird 存在注入漏洞,该漏洞源于在处理FTP URL中的换行符,对用户提供的输入验证不足。攻击者可利用该漏洞可以欺骗受害者点击一个特别制作的URL,并在远程服务器上执行任意FTP命令,以下产品及版本受到影响:60.0, 60.2.1, 60.3, 60.3.0, 60
CVSS Information
N/A
Vulnerability Type
N/A