The host is installed with Google Chrome before 48.0.2564.82 and is prone to a url spoofing vulnerability. A flaw is present in the application, which fails to handle vectors involving an unfocused custom button. Successful exploitation allows remote attackers to spoof URLs.