The host is missing a security update according to Mozilla advisory, MFSA2015-132. The update is required to fix a mixed-content restriction bypass vulnerability. A flaw is present in the applications, which fail to properly handle crafted JavaScript code. Successful exploitation could allow attackers to bypass intended mixed-content restrictions.