Description
This script is possibly vulnerable to Cross Frame Scripting (XFS) attacks.
This is an attack technique used to trick a user into thinking that fake web site content is legitimate data.
Remediation
Your script should filter metacharacters from user input.
References
Related Vulnerabilities
WordPress Plugin Stockdio Historical Chart Cross-Site Scripting (2.7.2)
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.0.10)
Joomla! Core 3.x.x Multiple Vulnerabilities (3.7.0 - 3.8.3)
WordPress Plugin WordPress Payments-GetPaid Cross-Site Scripting (2.3.3)
WordPress Plugin Easy Testimonials Cross-Site Scripting (3.5.2)