Home / Early Warning / Vulnerabilidades / CVE-2021-43543

CVE-2021-43543

Type: 
Cross-Site Scripting (XSS)
Severity: 
Medium
Publication date: 
12/08/2021
Last modified: 
03/16/2022
Description
Documents loaded with the CSP sandbox directive could have escaped the sandbox's script restriction by embedding additional content. This vulnerability affects Thunderbird
Impact
Access Vector: Through network
Access Complexity: Media
Authentication: Not required to exploit
Impact Type: Partially affects on system integrity + No impact on system confidentiality + No impact on system availability
Vulnerable software and versions
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
To consult the complete list of products and versions see this page
Explanation of fields