| Possible use of private data | Warning | Security |
JavaScript - Avoid use of Function Constructors | High | Security |
| JavaScript - Avoid use of WebDB | High | Security |
| JavaScript - Avoid use of debugger statements | High | Security |
| JavaScript - Avoid unrestricted targetOrigin on cross-domain messaging | High | Security |
| JavaScript - Avoid making connections on unsafe protocols | Warning | Security |
| JavaScript - Avoid use of Eval function | High | Security |
| Javascript - Avoid use of alert function | Low | Scalability |
| Javascript - Avoid use of local storage on Client Scripts | High | Security |
| JavaScript - Optimize Loops | Warning | Performance |
| JavaScript - Use === comparison | Warning | Manageability |
| AngularJS - Denial of Service attack through DOM clobbering on versions under 1.6.3 | High | Security |
| AngularJS - Prototype Pollution Vulnerability under 1.7.9 | High | Security |
| AngularJS - XSS vulnerability through the attribute "usemap" from 1.0.0 to 1.2.30 | High | Security |
| AngularJS - XSS vulnerability through the attribute "usemap" from 1.3.0 to 1.5.0-rc2 | High | Security |
| AngularJS - XSS vulnerability under 1.8.0 - input HTML | High | Security |
| AngularJS - XSS vulnerability using AngularJS under 1.6.5 in Firefox and Safari - sanitize on inert Documents | High | Security |
| AngularJS - XSS vulnerability using AngularJS under 1.6.9 with Firefox | High | Security |
| jQuery - Prototype Pollution Vulnerability under 3.4.0 | High | Security |
| jQuery - XSS vulnerability under 1.6.3, when using location.hash | High | Security |
| jQuery - XSS vulnerability under 1.9.0, when using jQuery(strInput) | High | Security |
| jQuery - XSS vulnerability under 3.0.0, when making cross-domain calls without the dataType option | High | Security |
| jQuery - XSS vulnerability under 3.5.0, when using htmlPrefilter | High | Security |
| jQuery-ui-dialog - XSS vulnerability under 1.10.0, closeText parameter | High | Security |
| jQuery-ui-dialog - XSS vulnerability under 1.10.0, title attribute | High | Security |
| jQuery-ui-tooltip - XSS vulnerability under 1.10.0, title attribute | High | Security |
| moment.js - Regular Expression Denial of Service Vulnerability | High | Security |
| XSS vulnerability in Ext JS Action Column getTip | High | Security |
| UI Scripts with hard-coded sys_ids | Medium | Manageability |
| Document Object Model (DOM) manipulation in UI Scripts | High | Manageability |
| Synchronous AJAX call in UI Scripts | High | Performance |
| UI Scripts with the console.log debugging method | Medium | Performance |
| GlideRecord usage on UI Scripts | High | Performance |
| UI Scripts with empty script field | Low | Performance |
| Avoid Global UI Scripts | Low | Performance |
| UI Scripts without function | Medium | Scalability |
| UI Scripts including Open Source libraries | Low | Performance |
| Modified Out of the Box Element | Warning | Scalability |