When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | * | 95.0 (excluding) |
Firefox_esr | Mozilla | * | 91.4.0 (excluding) |
Thunderbird | Mozilla | * | 91.4.0 (excluding) |