CVE-2020-12397
CVE-2020-12397
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
22 May 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. This vulnerability affects Thunderbird < 68.8.0.
Affected products
Mozilla · ThunderbirdWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →