Scripts in attachments, including messages forwarded as attachments, can access the content of the main message. They should be isolated or not allowed to run at all. Tested using SeaMonkey 1.0 Alpha on Mac. Fixing this bug would eliminate wiretap-style exploits for messages forwarded as attachments (which is the default for Thunderbird) regardless of the state of the capability.policy.mailnews.*.* blacklist (often ineffective due to omissions).
See also bug 67702, a sender-side solution for the forward-inline mode.
This was fixed by bug 374577.