Improper Neutralization of Encoded URI Schemes in a Web Page

The web application improperly neutralizes user-controlled input for executable script disguised with URI encodings.