CVE 2015-4508
Mozilla Firefox before 41.0, when reader mode is enabled, allows remote attackers to spoof the relationship between address-bar URLs and web content via a crafted web site.
See the
CVE page on Mitre.org
for more details.