Script execution in HTML mail replies
- February 6, 2014
- Fabián Cuchietti, Ateeq ur Rehman Khan
- SeaMonkey, Thunderbird
- Fixed in
- SeaMonkey 2.20
- Thunderbird 23
Ateeq ur Rehman Khan of Vulnerability Labs reported additional variants of this attack involving the use of the <object> tag and which could be used to attach object data types such as images, audio, or video.
This affected the Thunderbird 17 branch. It was fixed in all versions based on Gecko 23 or later. Thunderbird 24 and later are not affected by this vulnerability.