~10% of the homepages of Alexa Top 10k may allow a network attacker to get active scripting capabilities on them. Of those, 75% are because of the inclusion of external scripts retrieved over tainted channels. dais.unive.it/~calzavara/pap…