EPSS
Percentile
87.4%
Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can cause the product to display a "correctly signed" message indication, but display different unauthenticated text.
bugzilla.redhat.com/show_bug.cgi?id=1712722
sourceforge.net/p/enigmail/bugs/983/