Multiple vulnerabilities in Mozilla Thunderbird

Description

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to perform cross-site scripting attack, spoof user interface, bypass security restrictions, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. Cross-site scripting (XSS) vulnerability can be exploited to perform cross-site scripting attack.
2. Security UI vulnerability can be exploited to spoof user interface.
3. Security vulnerability can be exploited to bypass security restrictions.
4. Information disclosure vulnerability can be exploited to obtain sensitive information.

Original advisories

• MFSA2025-35

Related products

• Mozilla-Thunderbird

CVE list

• CVE-2025-3875
  unknown
• CVE-2025-3877
  unknown
• CVE-2025-3909
  unknown
• CVE-2025-3932
  unknown

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com