Home

CVE-2018-12373

Description

dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerability affects Thunderbird < 52.9.

Risk Information

Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
1.098

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities affected in Mozilla Thunderbird 52.8.0Windows
Multiple Vulnerabilities are affected in Mozilla Thunderbird for Mac 52.8.0Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-315938Mozilla Thunderbird (68.12.0)
PATCH-611807Mozilla Thunderbird For Mac (142.0)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234