Computer security experts have warned Web developers to take steps to eliminate the threat of malicious programs.
The danger comes from so-called cross-site scripting, which allows hackers to launch malicious scripts or tags into dynamically generated Web pages.
Information and guidance to help customers minimise attacks has been issued by the Computer Emergency Response Team (Cert) together with Microsoft, Sun Microsystems and Apache Software.
Servers that generate dynamic pages do not have complete control over how their output is interpreted by a client, said Cert. The problem arises when untrusted content is introduced into a dynamic page, because neither the server or client will have enough information to recognise that it has happened.
Cert warns that any server which generates Web pages dynamically should check that inserted data does not contain any special characters which can be interpreted as HTML tags. Failure to do so could lead to an attacker being able to manipulate the data that Web servers insert into a generated page.
The Apache Software Foundation said the threat is a serious issue with "potential implications that are only starting to be understood". The group warns that the sites most at risk are those where users have some type of account log-in or access to data that should not be publicly available.
Intruders can insert unwanted or offensive images or sounds into the page, warns Cert. Cookies and forms can also be modified by an attacker to include malicious code.
"I have come across this problem on a few occasions. It occurs because there isn't a consistent security model for browsers," said Richard Stagg, senior security architect at Information Risk Management.
Microsoft said Web developers should review their code and make sure that it sticks to secure coding practices.
Further advice and information can be found on the companies' websites.
Some parts of Atacama have not received rainfall for 500 years - but a sudden deluge of water upset the Desert's delicate biological balance
Spitzer Space Telescope could not spot Oumuamua, suggesting that it is actually pretty small
Greenland crater one of the 25 largest impact craters on Earth
This long-sought progenitor star was identified in an image captured by Hubble in 2007