The host is installed with Google Chrome before 49.0.2623.75 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle URL's path component in the case of a ServiceWorker fetch. Successful exploitation allows remote attackers to obtain sensitive information about visited web pages by reading CSP violation reports, related to FrameFetchContext.cpp and ResourceFetcher.cpp.