CVE 2016-4603
Web Media in Apple iOS before 9.3.3 allows attackers to bypass the Private Browsing protection mechanism and obtain sensitive video URL information by leveraging Safari View Controller misbehavior.
See the 
CVE page on Mitre.org
for more details.
