CVE-2025-8029 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Thunderbird executed `javascript:` URLs when used in `object` and `embed` tags. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 14…
High CVSS: 8.1

CVE-2025-8029

Thunderbird executed `javascript:` URLs when used in `object` and `embed` tags. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.
Vendor
Mozilla
Product
Firefox
CWE
CWE-80
Yayın Tarihi
2025-07-22 21:15:50
Güncelleme
2025-11-03 20:19:21
Source Identifier
security@mozilla.org
KEV Date Added
-

Kategoriler

CWE-80 Firefox HIGH Mozilla 2025

Referanslar

https://bugzilla.mozilla.org/show_bug.cgi?id=1928021 https://www.mozilla.org/security/advisories/mfsa2025-56/ https://www.mozilla.org/security/advisories/mfsa2025-58/ https://www.mozilla.org/security/advisories/mfsa2025-59/ https://www.mozilla.org/security/advisories/mfsa2025-61/ https://www.mozilla.org/security/advisories/mfsa2025-62/ https://www.mozilla.org/security/advisories/mfsa2025-63/ https://lists.debian.org/debian-lts-announce/2025/07/msg00016.html