The existence of a specifically requested local file can be found due to the double firing of the “onerror” when the “source” attribute on a “<track>” tag refers to a file that does not exist if the source page is loaded locally. This vulnerability affects Firefox < 51.
[
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "51",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]