The host is missing an important security update according to Mozilla advisory, MFSA2015-82. The update is required to fix a same origin policy bypass vulnerability. A flaw is present in the applications, which fail to properly impose certain ECMAScript 6 requirements on JavaScript object properties. Successful exploitation allows remote attackers to bypass the Same Origin Policy.