Mozilla · Thunderbird · CVE-2025-8038
**Name of the Vulnerable Software and Affected Versions**
Thunderbird versions prior to 141
Thunderbird versions prior to 140.1
Firefox versions prior to 141
Firefox ESR versions prior to 140.1
**Description**
Thunderbird and Firefox incorrectly handled path validation during frame navigations. This issue could potentially allow for malicious actions due to improper navigation checks within a frame.
**Recommendations**
Update Thunderbird to version 141 or later.
Update Thunderbird to version 140.1 or later.
Update Firefox to version 141 or later.
Update Firefox ESR to version 140.1 or later.