Alexander Inführ

**Name of the Vulnerable Software and Affected Versions** Firefox versions 49 through 50.0 **Description** The issue allows redirection from an HTTP connection to a "data:" URL, assigning the referring site's origin to the "data:" URL in certain circumstances. This can lead to same-origin violations against a domain if it loads resources from malicious sites. It has been demonstrated that cross-origin setting of cookies is possible without the ability to read them. **Recommendations** For Firefox versions 49 through 50.0, update to version 50.0.1 or later to resolve the issue.