The host is installed with Mozilla Firefox before 49.0 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle local files being dragged and dropped into firefox. Successful exploitation allows remote attackers to disclose full path to local files.