Assess if java script has insecure coding issue

Refer to attached text file which has a javascript from our vendor who will be doing
tagging onto our website pages.

Also refer to another article id 28961487 in EE for background:
https://www.experts-exchange.com/questions/28961487/Mitigations-for-tagging-aggregator-sites-to-our-site.html

Q1:
Does the few lines of java script pose security concern other than capturing potential customer's
personal data (this is Ok but not capturing more than that)

Q2:
Does the java script codes violate any OWASP Top 10 secure coding practices?
AggregatorMkg_JavaTag.txt
sunhuxAsked:
Who is Participating?
 
Julian HansenConnect With a Mentor Commented:
I don't see any issues with the script. All it does is create a random number which it inserts into the URL that is used in a dynamically created <iframe>. No other information appears to be passed in the src other than the hardcoded variables and the random number.
0
All Courses

From novice to tech pro — start learning today.