Anytime you bring third-party, or external, content into your deployment, you open security risks. Measures should be take to reduce these risks.
Malicious content can often try to take advantage of a user's authenticated session to extract server data, modify other widgets on the page, or attack web services that have been authenticated and authorized through Open Authorization (OAuth).
To help reduce security risks, learn about the three dimensions of data access, and determine how and if those access levels should be deployed in your particular deployment. For more information, see Developing trusted and restricted gadgets for IBM Connections
Parent topic: Securing widgets