Security issues

Reflected Cross-site scripting XSS

Persistent Cross-site scripting XSS

Persistent Cross-site scripting from JavaScript string literals

Why scripts from other people can harm your website and its visitors

Evaled JSON injection