CNNVD-202601-2622 Information
CNNVD ID
CNNVD-202601-2622
Related CVE
- CNNVD Published: 2026-01-15
Description (Chinese)
Import Export Tools NG是thundernest开源的一个导入与导出工具。 Import Export Tools NG 10.0.4版本存在安全漏洞,该漏洞源于电子邮件导出模块存在持久性HTML注入,可能导致远程攻击者注入恶意HTML有效载荷。
Description (English)
Import Export Tools NG is an import and export tool for the thundnest open source. The Import Export Tools NG 10.0.4 version contains a security loophole, which stems from the persistent HTML injection of the e-mail export module, which may result in the introduction of a malicious HTML payload by a remote assailant.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
thundernest
Published
2026-01-15
Last Modified
2026-02-24
References
https://addons.thunderbird.net/en-US/thunderbird/addon/importexporttools-ng/ https://github.com/thundernest/import-export-tools-ng https://www.exploit-db.com/exploits/50496 https://www.vulnerability-lab.com/get_content.php?id=2308
Patch
https://github.com/thunderbird/import-export-tools-ng/releases
Share on: