USN-4647-1: Thunderbird vulnerabilities
25 November 2020
Several security issues were fixed in Thunderbird.
- thunderbird - Mozilla Open Source mail and newsgroup client
Multiple security issues were discovered in Thunderbird. If a user were
tricked in to opening a specially crafted website in a browsing context,
an attacker could potentially exploit these to cause a denial of service,
obtain sensitive information across origins, bypass security restrictions,
conduct phishing attacks, conduct cross-site scripting (XSS) attacks,
bypass Content Security Policy (CSP) restrictions, conduct DNS rebinding
attacks, or execute arbitrary code.