CVE-2021-43528 log

Severity Low
Remote Yes
Type Arbitrary code execution
Thunderbird before version 91.4.0 unexpectedly enabled JavaScript in the composition area. The JavaScript execution context was limited to this area and did not receive chrome-level privileges, but could be used as a stepping stone to further an attack with other vulnerabilities.
Group Package Affected Fixed Severity Status Ticket
AVG-2608 thunderbird 91.3.2-2 91.4.0-1 High Fixed
Date Advisory Group Package Severity Type
11 Dec 2021 ASA-202112-9 AVG-2608 thunderbird High multiple issues