third party scripts, including from external domains that the company itself owns
If the company owns the domain then it isn't a third-party script. Would be nice if security researchers and journos could at least get the basics right when they complain about others not getting their basics right.
Biting the hand that feeds IT
