Home/Alerts/Alert detail/

Cross-Domain JavaScript Source File Inclusion

Risk:
Low

Type:
Passive

CWE:
CWE-829

Summary: The page includes one or more script files from a third-party domain.

Solution: Ensure JavaScript source files are loaded from only trusted sources, and the sources can't be controlled by end users of the application.

Top Security News

Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure

Microsoft: macOS bug lets hackers install malicious kernel drivers

CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks

Russian APT Phishes Kazakh Gov't for Strategic Intel

Risk, Reputational Scores Enjoy Mixed Success as Security Tools

Biden's Cybersecurity EO Leaves Trump a Comprehensive Blueprint for Defense

W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks

Windows Server 2025 released—here are the new features

Common Alerts

MediumEmails Found in the Viewstate

InformationalSplit Viewstate in Use

MediumXSLT Injection

MediumSpring Actuator Information Leak

HighXML External Entity Attack

LowFull Path Disclosure

InformationalSec-Fetch-Dest Header Has an Invalid Value

LowInformation Disclosure - Debug Error Messages

InformationalBase64 Disclosure in WebSocket message

LowHash Disclosure - MD4 / MD5

Latest CVE List

CVE-2024-50603 Aviatrix Controllers OS Command Injection Vulnerability

CVE-2024-55591 Fortinet FortiOS Authorization Bypass Vulnerability

CVE-2025-21333 Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability

CVE-2025-21334 Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability

CVE-2025-21335 Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability

CVE-2024-12686 BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability

CVE-2023-48365 Qlik Sense HTTP Tunneling Vulnerability

CVE-2025-0282 Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability

CVE-2024-41713 Mitel MiCollab Path Traversal Vulnerability

CVE-2024-55550 Mitel MiCollab Path Traversal Vulnerability

Top CWE List

HighCWE-200 Exposure of Sensitive Information to an Unauthorized Actor

HighCWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-1053 Missing Documentation for Design

CWE-304 Missing Critical Step in Authentication

CWE-307 Improper Restriction of Excessive Authentication Attempts

HighCWE-116 Improper Encoding or Escaping of Output

CWE-284 Improper Access Control

HighCWE-330 Use of Insufficiently Random Values

CWE-615 Inclusion of Sensitive Information in Source Code Comments

CWE-693 Protection Mechanism Failure

Free online web security scanner

Don't show website scan report rating on the leaderboard