These risks are-
Cross-Site Scripting (XSS) enables attackers to manipulate websites to
return malicious scripts to visitors. These malicious scripts can then give the
attacker complete control on the client machine.
If XSS vulnerabilities aren’t remediated, they can result in “user data theft, account tampering, malware spreading or remote control over a user’s browser” 6
the most risk to web and mobile applications, there are a variety of other
common security issues that can increase risks for users.
These issues include “improper client-server trust relationships” 6, vulnerabilities in browser and browser plugin code, SQL Injection, Command Injection, and others.