As reported by @Krinkle, MediaWiki:common.js on arwiki is currently loading some external JavaScript on line 14 (tools.wmflabs.org/imagemapedit/ime.js):
While tools.wmflabs.org might not be considered "external" by certain community members, the Security-Team definitely considers it external when it comes to various security and privacy issues. WMF-Legal or Trust-and-Safety should perform an office action here where lines 11 - 18 are deleted and a note left on the talk page and perhaps with a privileged user (Meno25 is a sysop who's recently edited the page.) The Security-Team is happy to help with any of the messaging/boilerplate.