Hacking websites via third-party JavaScript libraries

However, using third-party libraries as part of a website or application leaves the company significantly more vulnerable to a potential attack. I present three examples of vulnerabilities I have discovered in popular JavaScript libraries affecting thousands of large a free library for displaying table data as HTML, available to everyone. For instance, in case the profile name has a value  , own profile JavaScript code will be uploaded and this way, it will be embedded on any Uber website page that utilizes Tealium iQ.

Source: dmsec.io