🧪 Software Integrity Vulnerability: Unverified Code Execution

This demo simulates a scenario where external scripts are fetched and executed without verification. This violates software integrity principles and could lead to supply chain attacks.

💥 Simulated Vulnerability

Press the button below to fetch and execute a script using eval()  — without validating its source or contents.

Click the button above to simulate loading unverified external code.

🛠️ Steps to Reproduce

  1. Open Developer Tools (F12).
  2. Click the button above to trigger the fetch and eval process.
  3. Inspect the Network tab for the script fetch request.
  4. Observe that the code is executed without integrity verification.

Best practice: Always verify third-party software via signatures, checksums, or Subresource Integrity (SRI).