The host is installed with Mozilla Firefox before 47.0 and is prone to a content security policy bypass vulnerability. The flaws are present in the application, which fails to handle cross-domain Java applets. Successful exploitation allows remote attackers to get through malicious site to manipulate content through a Java applet to bypass CSP protections, allowing for possible cross-site scripting (XSS) attacks.