The host is missing an important security update according to Mozilla advisory, MFSA2016-29. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which fails to properly restrict the availability of IFRAME Resource Timing API times. Successful exploitation allows remote attackers to bypass the Same Origin Policy and obtain sensitive information.