CVE-2015-2711

Mozilla Firefox before 38.0 does not recognize a referrer policy delivered
by a referrer META element in cases of context-menu navigation and
middle-click navigation, which allows remote attackers to obtain sensitive
information by reading web-server Referer logs that contain private data in
a URL, as demonstrated by a private path component.