Exploit Running arbitrary third party javascript for all users visiting the page
Mitigation Sanitize html reserved words for js script execution