EPSS
Percentile
79.3%
Mozilla Firefox before 48.0, Firefox ESR < 45.4 and Thunderbird < 45.4 allow remote attackers to obtain sensitive information about the previously retrieved page via Resource Timing API calls.
bugzilla.redhat.com/show_bug.cgi?id=1361998
www.mozilla.org/security/advisories/mfsa2016-84/ https://www.mozilla.org/security/advisories/mfsa2016-86/