{"id":"CVE-2025-8032","details":"XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability affects Firefox \u003c 141, Firefox ESR \u003c 128.13, Firefox ESR \u003c 140.1, Thunderbird \u003c 141, Thunderbird \u003c 128.13, and Thunderbird \u003c 140.1.","modified":"2026-04-16T04:32:06.112115587Z","published":"2025-07-22T21:15:50.360Z","related":["ALSA-2025:11747","ALSA-2025:11748","ALSA-2025:11797","ALSA-2025:12187","ALSA-2025:12188","ALSA-2025:13676","SUSE-SU-2025:02529-1","SUSE-SU-2025:02531-1","SUSE-SU-2025:02546-1","SUSE-SU-2025:21170-1","openSUSE-SU-2025:15371-1","openSUSE-SU-2025:15383-1","openSUSE-SU-2025:15386-1","openSUSE-SU-2025:15387-1","openSUSE-SU-2025:20135-1"],"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/07/msg00016.html"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2025-62/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2025-63/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2025-56/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2025-58/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2025-59/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2025-61/"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1974407"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-8032.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"128.13.0"}]},{"events":[{"introduced":"0"},{"fixed":"141.0"}]},{"events":[{"introduced":"140.0"},{"fixed":"140.1.0"}]},{"events":[{"introduced":"0"},{"fixed":"128.13.0"}]},{"events":[{"introduced":"0"},{"fixed":"141.0"}]},{"events":[{"introduced":"140.0"},{"fixed":"140.1.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}]}