CVE-2019-12269 (enigmail)

Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can cause the product to display a “correctly signed” message indication, but display different unauthenticated text.
Source: NIST
CVE-2019-12269 (enigmail)