Input Validation Error Medium An externally supplied link has been used as an attribute (e.g. src, href, value) in a HTML tag. This can have have a variety of possible consequences, from benign, to serious, depending on the tag. Impacts can include automatic client fetching of remote malicious content. These could be used for phishing or, possibly, cross-domain attacks. The developer should examine the tag and determine the possible security implications of the use of a remotely supplied URI. Vega has determined that a HTML tag in the target page has an attribute (such as src, href, or value) that is a URI supplied by the scanner. There are a variety of security implications, depending on the tag. The most serious consequences include phishing attacks or possible cross-domain risks that can occur if the browser of the target user automatically fetches malicious content from these links.