Mozilla Firefox before 51.0 :- Special about: pages used by web content, such as RSS feeds, can load privileged about: pages in an iframe. If a content-injection bug were found in one of those pages this could allow for potential privilege escalation.