Description
This script is possibly vulnerable to Cross Frame Scripting (XFS) attacks.
This is an attack technique used to trick a user into thinking that fake web site content is legitimate data.
Remediation
Your script should filter metacharacters from user input.
References
Related Vulnerabilities
WordPress Plugin Anti-Splog Cross-Site Scripting (2.1.7)
WordPress Plugin Ad Inserter-Ad Manager & AdSense Ads Multiple Vulnerabilities (1.5.2)
Drupal Core 9.2.x Cross-Site Scripting (9.2.0 - 9.2.3)
WordPress Plugin WP Symposium Cross-Site Scripting (11.11.26)
WordPress Plugin Advanced Permalinks Cross-Site Scripting (0.1.19)