CVE-2021-47768
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-01-15

Last updated on: 2026-01-15

Assigner: VulnCheck

Description
ImportExportTools NG 10.0.4 contains a persistent HTML injection vulnerability in the email export module that allows remote attackers to inject malicious HTML payloads. Attackers can send emails with crafted HTML in the subject that execute during HTML export, potentially compromising user data or session credentials.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-15
Last Modified
2026-01-15
Generated
2026-06-16
AI Q&A
2026-01-16
EPSS Evaluated
2026-06-15
NVD
CVE-2021-47768
EUVD
EUVD-2026-2765
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
thundernest importexporttools_ng 10.0.4
thundernest importexporttools_ng From 68 (inc) to 128 (inc)
thundernest importexporttools_ng From 140 (inc) to 144 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2021-47768 is a persistent HTML injection vulnerability in ImportExportTools NG version 10.0.4, an add-on for Mozilla Thunderbird. The vulnerability occurs because the email subject content is not properly sanitized or encoded during HTML export. This allows a remote attacker to send an email with malicious HTML code embedded in the subject line. When the victim exports their inbox content to HTML using the vulnerable add-on, the malicious HTML payload executes, potentially compromising user data or session credentials. [2, 3]

Impact Analysis

This vulnerability can impact you by allowing remote attackers to execute malicious HTML payloads when you export your emails to HTML using ImportExportTools NG 10.0.4. The execution of these payloads can lead to compromise of application data or session credentials, potentially exposing sensitive information or allowing further attacks. The attack requires no authentication and only low user interaction (exporting inbox content). [2, 3]

Detection Guidance

This vulnerability can be detected by sending a crafted email with malicious HTML payload embedded in the subject line to the target user's inbox. Then, export the inbox content to HTML using ImportExportTools NG version 10.0.4 and observe if the malicious payload executes during the HTML preview. There are no specific network or system commands provided to detect this vulnerability automatically. The detection involves manual testing of the export functionality with crafted emails. [2, 3]

Mitigation Strategies

Immediate mitigation steps include avoiding the use of ImportExportTools NG version 10.0.4 for HTML exports until a fixed version is available. Restrict or sanitize special characters in email subjects before export. Ensure that all output visible in the subject field during export is properly encoded and securely sanitized to prevent execution of injected HTML. Monitoring for updates or patches from the vendor and applying them promptly is also recommended. [2, 3]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2021-47768. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart