Penetrаtiоn Testing Sоlutiоns, LLC recently performed а full pentest on а local health insurance company. In their exercise, they found that they were able to insert some javascript code into their public facing websites which redirected end users to their own website. Which kind of vulnerability/attack is present in the health insurance company's website?