Burp reported potential DOM XSS. Data is read from location and passed to the 'init()' function of JQuery via:
var table = location['table'] || location['sysparm_table'];
snPresence.init(table, sys_id, query);
URL looks as such,
https://publicsite.com/scripts/Scoreboard/js_includes_cmdb_scoreboard.jsx
Is this vulnerable? How can I check if vulnerable with Chrome DevTools?
Portswigger also mentions the init() sink of JQuery as leading to DOM XSS
https://portswigger.net/web-security/cross-site-scripting/dom-based