Qualcomm Eudora 5.1.1, 5.2, and possibly other versions stores email attachments in a predictable location, which allows remote attackers to read arbitrary files via a link that loads an attachment with malicious script into a frame, which then executes the script in the local browser context.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation4 reference(s) from NVD