Mozilla · Thunderbird · CVE-2025-8032
**Name of the Vulnerable Software and Affected Versions**
Firefox versions prior to 141
Firefox ESR versions prior to 128.13
Firefox ESR versions prior to 140.1
Thunderbird versions prior to 141
Thunderbird versions prior to 128.13
Thunderbird versions prior to 140.1
**Description**
The XSLT document loading process did not correctly propagate the source document, which bypassed the Content Security Policy (CSP).
**Recommendations**
Update Firefox to version 141 or later.
Update Firefox ESR to version 128.13 or later.
Update Firefox ESR to version 140.1 or later.
Update Thunderbird to version 141 or later.
Update Thunderbird to version 128.13 or later.
Update Thunderbird to version 140.1 or later.