Cross-Domain JavaScript Source File Inclusion
- Risk:
Low
- Type:
- Passive
- CWE:
- CWE-829
- Summary
The page includes one or more script files from a third-party domain.
- Solution
Ensure JavaScript source files are loaded from only trusted sources, and the sources can't be controlled by end users of the application.
Oracle denies breach after hacker claims theft of 6 million data records
Microsoft confirms it's killing off Skype in May, after 14 years
Fake "Security Alert" issues on GitHub use OAuth app to hijack accounts
SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, Middle East, and Africa
Microsoft: New RAT malware used for crypto theft, reconnaissance
Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts
SANS Institute Warns of Novel Cloud-Native Ransomware Attacks
Microsoft: March Windows updates mistakenly uninstall Copilot
Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120)
Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure
CVE-2025-1316 Edimax IC-7100 IP Camera OS Command Injection Vulnerability
CVE-2024-48248 NAKIVO Backup and Replication Absolute Path Traversal Vulnerability
CVE-2017-12637 SAP NetWeaver Directory Traversal Vulnerability
CVE-2025-24472 Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
CVE-2025-30066 tj-actions/changed-files GitHub Action Embedded Malicious Code Vulnerability
CVE-2025-24201 Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability
CVE-2025-21590 Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability
CVE-2025-26633 Microsoft Windows Management Console (MMC) Improper Neutralization Vulnerability
CVE-2025-24983 Microsoft Windows Win32k Use-After-Free Vulnerability
CVE-2025-24984 Microsoft Windows NTFS Information Disclosure Vulnerability
Free online web security scanner