Partial user controllable script source

Description
  • The <strong>src</strong> parameter for one <strong>script</strong> tag from this page is partially controlled by user input. This behavior can potentially lead to various security issues, in some cases it could be possible to conduct <strong>Reverse Clickjacking</strong> attacks.
Remediation
  • Your script should properly sanitize user input. The user input should be properly escaped before being used to construct the script URL.
References