DOM-XSS issues & JavaScript errors at a site where you least suspect to find 'em

Viruses and worms
1

Detected
jquery 1.7.2 Found in http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Vulnerability info:
Medium CVE-2012-6708 11290 Selector interpreted as HTML
Medium 2432 3rd party CORS request may execute CVE-2015-9251

Understandable as Google is not a security firm per se.

SyntaxError: Unexpected token &
/scan?url=-https%3A%2F%2Fstackoverflow.com%2F:64

SyntaxError: Invalid or unexpected token
/scan?url=-https%3A%2F%2Fstackoverflow.com%2F:64

SyntaxError: Unexpected identifier
/scan?url=-https%3A%2F%2Fstackoverflow.com%2F:64

SyntaxError: Unexpected token <
/scan?url=-https%3A%2F%2Fstackoverflow.com%2F:64

SyntaxError: Unexpected strict mode reserved word
/scan?url=-https%3A%2F%2Fstackoverflow.com%2F:64

SyntaxError: Unexpected token <
/scan?url=-https%3A%2F%2Fstackoverflow.com%2F:64

Someone has eaten the comma’s.

DOM-XSS sources and sinks: Results from scanning URL: -https://stackoverflow.com/
Number of sources found: 104
Number of sinks found: 890

Results from scanning URL: -https://cdn.sstatic.net/Js/stub.en.js?v=6751732dcb5e
Number of sources found: 44
Number of sinks found: 8

Results from scanning URL: -https://cdn.sstatic.net/Js/stub.en.js?v=6751732dcb5e
Number of sources found: 41
Number of sinks found: 17
ERROR: Execution of script ‘Dat Peer Detector v 1.1’ failed! require is not defined

polonus