I know many other languages use the eval() function to take a string argument and evaluate it as part of the source code (so you can run a function or assign a variable etc). I've seen it in PHP, ...

Mozilla rolled out protection measures to block code injection attacks in the Firefox web browser, with the attack surface being reduced by removing eval()-like functions and inline scripts ...