What security issues can AJAX face?

As AJAX function calls are sent to the server in plain text, they might reveal database details, variable names, and the like without much difficulty.

The browsing session of users can be monitored by inserting scripts. AJAX encourages developers to use multiple server side pages, thus giving attackers multiple vantage points to attack.