Just as servers are, clients too are at risk in Web applications, especially those on the Internet. It is possible for Web browsers to unknowingly download content and programs that could open the client system to crackers and automated agents all over the Net. Malicious programs could collect and send sensitive and private information from the client machine to Net programs and servers that collect such information.
As a general rule, pure HTML 3.2, without client-side scripting, is rather secure. There is little that a Web page designer can do to extract or to breach a client's security. Client-side risk usually involves the following technologies: