OWASP Top 10 : Cross-Site Scripting #3 Bad JavaScript Imports