Mozilla: Domain hijacking through appcache fallback (MFSA 2017-19)
A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...