CVE-2022-4055 - How Improper URL Parsing in xdg-email with Thunderbird Could Let Attackers Attach Files Without You Knowing
In early 2023, a vulnerability was discovered in how xdg-email (part of xdg-utils) handles mailto URLs when Thunderbird is the configured mail client. The flaw,