Script Served From Malicious Domain (polyfill)
ID | script_served_from_malicious_domain_polyfill
Severity | critical
Kind | Security Misconfiguration
CWE | 829
Description
- Script Served From Malicious Domain (polyfill): The page includes one or more script files loaded from one of the 'polyfill' domains. These domains are not associated with the polyfill.js library and are known to serve malicious content.
- Script Served From Malicious Domain (polyfill): The page includes one or more scripts that appear to contain a reference to one of the 'polyfill' domains. These domains are not associated with the polyfill.js library and are known to serve malicious content. You should check whether the reference is safe (for example, it appears only in a comment) or whether the script actually loads content from that domain.
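As an added illustration (not the scanner's own code), the following checks a page for both findings described above: a `<script src>` whose host is one of the flagged domains, and an inline script that mentions such a domain, separating a live reference from one that appears only in a JavaScript comment. The domain list and the sample page are constructed placeholders; the real blocklist is an assumption you supply.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse
# ASSUMPTION: placeholder blocklist (.example is reserved); substitute the scanner's real list.
POLYFILL_DOMAINS = ("cdn.polyfill.example", "polyfill.example")

# Constructed sample: a blocklisted src, a comment-only mention, and a live dynamic loader
# whose URL string contains '//' that must not be mistaken for a line comment.
SAMPLE_HTML = """<html><head>
<script src="https://cdn.polyfill.example/v3/polyfill.min.js"></script>
<script src="/static/app.js"></script>
<script>// migrated away from polyfill.example in 2024
var cfg = {api: "/api"};</script>
<script>var s = document.createElement("script");
s.src = "https://cdn.polyfill.example/v2/polyfill.js"; /* lazy load */
document.head.appendChild(s);</script></head><body></body></html>"""

def host_is_blocklisted(url):
    """True if the URL's host (absolute or //protocol-relative) is a listed domain or a subdomain."""
    host = (urlparse(url.strip()).hostname or "").lower()
    return any(host == d or host.endswith("." + d) for d in POLYFILL_DOMAINS)

# String literals are listed before the comment forms so a '//' inside a quoted URL is kept.
_JS_TOKENS = re.compile(r"\"(?:\\.|[^\"\\])*\"|'(?:\\.|[^'\\])*'|`(?:\\.|[^`\\])*`|//[^\n]*|/\*.*?\*/", re.S)
def strip_js_comments(src):
    """Drop // and /* */ comments from JavaScript while leaving string literals intact."""
    return _JS_TOKENS.sub(lambda m: "" if m.group().startswith("/") else m.group(), src)

class _Scripts(HTMLParser):  # collects external script URLs and (possibly chunked) inline bodies
    def __init__(self): super().__init__(); self.srcs, self.inline, self._buf = [], [], None
    def handle_starttag(self, tag, attrs):
        if tag == "script": self._buf = []; self.srcs.extend(v for k, v in attrs if k == "src" and v)
    def handle_data(self, data):
        if self._buf is not None: self._buf.append(data)
    def handle_endtag(self, tag):
        if tag == "script" and self._buf is not None:
            body, self._buf = "".join(self._buf), None
            if body.strip(): self.inline.append(body)

def scan_page(html):
    """Return (kind, value) findings: 'external_src', 'inline_reference' (live code) or 'inline_comment_only'."""
    p = _Scripts(); p.feed(html); p.close()
    findings = [("external_src", s) for s in p.srcs if host_is_blocklisted(s)]
    for body in p.inline:
        live = strip_js_comments(body)
        hit = next((d for d in POLYFILL_DOMAINS if d in live), None)
        if hit: findings.append(("inline_reference", hit)); continue
        hit = next((d for d in POLYFILL_DOMAINS if d in body), None)
        if hit: findings.append(("inline_comment_only", hit))
    return findings
```

A comment-only finding still deserves a look, but the live reference and the external src are the ones that load code from the domain.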
Rationale
Malicious polyfill domains serve compromised JavaScript that executes with the same privileges as the application. Attackers can inject code to steal credentials, session tokens, or payment information from all users of the application. This represents a supply chain attack where the compromised third-party script is automatically loaded and executed by browsers, making it difficult to detect and affecting all site visitors immediately upon page load.