This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote macOS or Mac OS X host contains a web browser that is
affected by a same-origin policy bypass vulnerability.
The version of Mozilla Firefox installed on the remote macOS or Mac
OS X host is 49.x prior to 50.0.1. It is, therefore, affected by a
same-origin policy bypass vulnerability in the
GetChannelResultPrincipal() function in nsScriptSecurityManager.cpp
due to improper handling of HTTP redirects to 'data: URLs'. An
unauthenticated, remote attacker can exploit this to bypass the
See also :
Upgrade to Mozilla Firefox version 50.0.1 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.2
Public Exploit Available : false