A recent update to Firefox enforces new security rules which block unsecure content from displaying within a secure context. For the CMS, this means thatif you are logged in when you browse to a page with a YouTube video pasted into the body, the video will not display, leaving only a blank space.
External visitors do not log in, so these videos will render as normal, UNLESS they have followed an incorrectly hard-coded link (starting with "https://...") from elsewhere in the site.
Always use the Internal Link functionality (see above) to link to content within the CMS.
This issue currently affects the live site as well as the upgrade version. We are working on a fix for a later release.
NOTE: This does not happen for videos created via the 'Create Embedded Video' link, only for those pasted into the body of a text editor.