Insertscript

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 50.1 Firefox ESR versions prior to 45.6 Thunderbird versions prior to 45.6 **Description** The issue allows external resources that should be blocked when loaded by SVG images to bypass security restrictions through the use of `data:` URLs, potentially leading to cross-domain data leakage. **Recommendations** For Firefox versions prior to 50.1, update to version 50.1 or later. For Firefox ESR versions prior to 45.6, update to version 45.6 or later. For Thunderbird versions prior to 45.6, update to version 45.6 or later.