• A vulnerability which uses the circumstance that a script referenced through a script element is exempt from the same-origin policy, as scripts need to work across domains. An attacker may access and use what is being loaded using the respective script, and thus leaked across origins.

1. Previous term: Cross-site request forgery
2. Next term: Cross-site scripting
3. Random term: Domain Name Service