Raphael Smolik

**Name of the Vulnerable Software and Affected Versions** Thunderbird versions prior to 91.4.0 Firefox ESR versions prior to 91.4.0 Firefox versions prior to 95 **Description** The issue is related to the handling of XMLHttpRequest requests in Mozilla Firefox and Thunderbird, which could lead to information disclosure. An attacker could identify installed applications by probing error messages for loading external protocols. This could allow a remote attacker to access confidential information. **Recommendations** For Thunderbird versions prior to 91.4.0, update to version 91.4.0 or later. For Firefox ESR versions prior to 91.4.0, update to version 91.4.0 or later. For Firefox versions prior to 95, update to version 95 or later.