This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote Windows host contains a web browser that is affected by
a same-origin policy bypass vulnerability.
The version of Mozilla Firefox installed on the remote Windows host
is 49.x prior to 50.0.1. It is, therefore, affected by a same-origin
policy bypass vulnerability in the GetChannelResultPrincipal()
function in nsScriptSecurityManager.cpp due to improper handling of
HTTP redirects to 'data: URLs'. An unauthenticated, remote attacker
can exploit this to bypass the same-origin policy.
See also :
Upgrade to Mozilla Firefox version 50.0.1 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.2
Public Exploit Available : false