Calendar invite display

1 Antwort
1 hat dieses Problem
14 Aufrufe
Letzte Antwort von christ1

vor 3 Jahren

16.08.21, 20:31

Thunderbird has a setting in View > Message Body As > Plain Text. For normal email, this means only a stripped text representation of the original email body is shown to prevent Thunderbird form loading and/or executing malicious code.

Observation: Messages containing *.ics attachments are displayed in a HTML table.

Question: Does this mean that sending malicious code in an *.ics can circumvent the Plain Text setting safety measures?

Thunderbird has a setting in View > Message Body As > Plain Text. For normal email, this means only a stripped text representation of the original email body is shown to prevent Thunderbird form loading and/or executing malicious code. Observation: Messages containing *.ics attachments are displayed in a HTML table. Question: Does this mean that sending malicious code in an *.ics can circumvent the Plain Text setting safety measures?

Answer 1 · 2021-08-16 20:31:54

christ1

Top 25 Contributor

17.08.21, 04:41

What exactly is your definition of 'malicious code'? If you're talking about embedded JavaScript, Thunderbird does not run JavaScript code in email messages per definition, and it cannot be turned on manually either.

If you mean to click on a link to a malicious web site in an email, this would also be possible in plain text messages.

Hilfe durchsuchen

Calendar invite display

Alle Antworten (1)

Nach Produkt erkunden

Nach Produkt erkunden

Nach Produkt durchsuchen

Themen im Forum nach Thema durchsuchen

Holen Sie sich Hilfe zu

Hilfe durchsuchen

Calendar invite display

Alle Antworten (1)