• A vulnerability which uses the circumstance that a script referenced through a script element is exempt from the same-origin policy, as scripts need to work across domains. An attacker may access and use what is being loaded using the respective script, and thus leaked across origins.

1. More about this term (beta): articles and videos, books, web search
2. Previous term: Cross-site request forgery
3. Next term: Cross-site scripting
4. Random term: Confidence testing (or roll the dice with webglossary.info/random)