## https://sploitus.com/exploit?id=B24718BB-2452-5124-B4A2-5937C46F12FC
CVE-2025-1015: The Thunderbird Address Book contains unsanitized URI fields that could be exploited by attackers. By creating an address book with malicious links, an attacker may trick another user into importing the compromised address book. If the user clicks on the unsanitized link within Thunderbird, it could lead to arbitrary execution of unprivileged JavaScript on a webpage opened within the Thunderbird client. This poses significant security risks as it may allow attackers to manipulate user sessions or steal sensitive information.
<img width="412" alt="cve-new" src="https://github.com/user-attachments/assets/ca138a57-b042-4e26-8c38-9ed03bca50bf" />