Mozilla Thunderbird CVE-2015-7188 Vulnerability

description-logoDescription

Security researcher Micha Bentkowski reported that adding white-space characters to hostnames that are IP addresses can bypass same-origin policy. This flaw was caused by trailing whitespaces being evaluated differently when parsing IP addresses instead of alphanumeric hostnames. This could lead to a cross-site script (XSS) attack.

affected-products-logoAffected Applications

Thunderbird

CVE References

CVE-2015-7188