This script is using jquery v 1.9.1 

<script src="//static.zdassets.com/hc/assets/jquery-09d07e20ce042ef10e301661ad1f316c.js"></script>

This version of jquery has known vulnerabilities.  The script is included by default from Zendesk and is not included via our theme.  I am trying to figure out how to get Zendesk to upgrade this to a newer version.