The host is installed with Mozilla Firefox before 42.0 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to properly handle vectors involving SVG animations and the about:reader URL. Successful exploitation could allow attackers to bypass the Content Security Policy (CSP) protection mechanism and conduct cross-site scripting (XSS) attacks.