diff --git a/src/detectors/transpilers/html/parser.ts b/src/detectors/transpilers/html/parser.ts
index b63211bb2..0646ce6ca 100644
--- a/src/detectors/transpilers/html/parser.ts
+++ b/src/detectors/transpilers/html/parser.ts
@@ -61,6 +61,7 @@ export async function extractJSScriptTags(contentStream: ReadStream) {
 				return attr.name.value !== "type" ||
 					(attr.name.value === "type" &&
 					["",
+						"module",
 						"text/javascript",
 						"application/javascript", /* legacy */
 					].includes(attr.value.value.toLowerCase()));
diff --git a/src/linter/html/linter.ts b/src/linter/html/linter.ts
index 6dd781aea..c402c301c 100644
--- a/src/linter/html/linter.ts
+++ b/src/linter/html/linter.ts
@@ -12,9 +12,12 @@ export async function lintHtml(resourceName: string, contentStream: ReadStream):
 	const jsScriptTags = await extractJSScriptTags(contentStream);
 
 	jsScriptTags.forEach((tag) => {
-		const scriptContent = tag.textNodes?.map((tNode) => tNode.value).join("").trim();
+		// Tags with src attribute do not parse and run inline code
+		const hasSrc = tag.attributes.some((attr) => {
+			return attr.name.value.toLowerCase() === "src";
+		});
 
-		if (scriptContent) {
+		if (!hasSrc && tag.textNodes?.length > 0) {
 			report.addMessage({
 				node: tag,
 				severity: LintMessageSeverity.Warning,
diff --git a/test/fixtures/linter/rules/CSPCompliance/NoInlineJS.html b/test/fixtures/linter/rules/CSPCompliance/NoInlineJS.html
index 234152a16..5f76f49ff 100644
--- a/test/fixtures/linter/rules/CSPCompliance/NoInlineJS.html
+++ b/test/fixtures/linter/rules/CSPCompliance/NoInlineJS.html
@@ -43,6 +43,18 @@
 		});
 		sap.ui.xmlview({ viewContent: jQuery('#myXml').html() }).placeAt("content");
 	</script>
+
+	<script type="module">
+		import { log } from "utils";
+
+		log("Exporting dog names.");
+
+		export const names = ["Kayla", "Bentley", "Gilligan"];
+	</script>
+	
+	<script>
+		// This one should be reported!
+	</script>
 </body>
 
 </html>
diff --git a/test/fixtures/linter/rules/CSPCompliance/NoInlineJS_negative.html b/test/fixtures/linter/rules/CSPCompliance/NoInlineJS_negative.html
index 2433e0f52..fb6763c38 100644
--- a/test/fixtures/linter/rules/CSPCompliance/NoInlineJS_negative.html
+++ b/test/fixtures/linter/rules/CSPCompliance/NoInlineJS_negative.html
@@ -16,7 +16,23 @@
 		</mvc:View>
 	</script>
 
-	<script type="module">
+	<script src="">
+		sap.ui.controller("my.own.controller", {
+			doSomething: function () {
+				alert("Hello World!");
+			}
+		});
+	</script>
+
+	<script src>
+		console.log("this code won't run");
+	</script>
+
+	<script type="" src="./path/to/js.js">
+		 // should not be reported as it is not a CSP violation
+	</script>
+	
+	<script type="module" src>
 		import { log } from "utils";
 
 		log("Exporting dog names.");
diff --git a/test/lib/detectors/transpilers/xml/snapshots/transpiler.ts.snap b/test/lib/detectors/transpilers/xml/snapshots/transpiler.ts.snap
index 34cf2d7d2..33cb3f6fc 100644
Binary files a/test/lib/detectors/transpilers/xml/snapshots/transpiler.ts.snap and b/test/lib/detectors/transpilers/xml/snapshots/transpiler.ts.snap differ
diff --git a/test/lib/linter/rules/snapshots/CSPCompliance.ts.md b/test/lib/linter/rules/snapshots/CSPCompliance.ts.md
index af1750ae8..00977a276 100644
--- a/test/lib/linter/rules/snapshots/CSPCompliance.ts.md
+++ b/test/lib/linter/rules/snapshots/CSPCompliance.ts.md
@@ -51,8 +51,26 @@ Generated by [AVA](https://avajs.dev).
             ruleId: 'ui5-linter-csp-unsafe-inline-script',
             severity: 1,
           },
+          {
+            column: 2,
+            fatal: undefined,
+            line: 47,
+            message: 'Use of unsafe inline script',
+            messageDetails: 'Content Security Policy (https://ui5.sap.com/1.120/#/topic/fe1a6dba940e479fb7c3bc753f92b28c)',
+            ruleId: 'ui5-linter-csp-unsafe-inline-script',
+            severity: 1,
+          },
+          {
+            column: 2,
+            fatal: undefined,
+            line: 55,
+            message: 'Use of unsafe inline script',
+            messageDetails: 'Content Security Policy (https://ui5.sap.com/1.120/#/topic/fe1a6dba940e479fb7c3bc753f92b28c)',
+            ruleId: 'ui5-linter-csp-unsafe-inline-script',
+            severity: 1,
+          },
         ],
-        warningCount: 4,
+        warningCount: 6,
       },
     ]
 
diff --git a/test/lib/linter/rules/snapshots/CSPCompliance.ts.snap b/test/lib/linter/rules/snapshots/CSPCompliance.ts.snap
index 4d46aa976..08c4b12a1 100644
Binary files a/test/lib/linter/rules/snapshots/CSPCompliance.ts.snap and b/test/lib/linter/rules/snapshots/CSPCompliance.ts.snap differ
diff --git a/test/lib/linter/rules/snapshots/NoDeprecatedApi.ts.snap b/test/lib/linter/rules/snapshots/NoDeprecatedApi.ts.snap
index 5f63420bc..11120fef8 100644
Binary files a/test/lib/linter/rules/snapshots/NoDeprecatedApi.ts.snap and b/test/lib/linter/rules/snapshots/NoDeprecatedApi.ts.snap differ
diff --git a/test/lib/linter/rules/snapshots/NoGlobals.ts.snap b/test/lib/linter/rules/snapshots/NoGlobals.ts.snap
index 9401ec6ef..c0d1f72e1 100644
Binary files a/test/lib/linter/rules/snapshots/NoGlobals.ts.snap and b/test/lib/linter/rules/snapshots/NoGlobals.ts.snap differ
diff --git a/test/lib/linter/snapshots/linter.ts.snap b/test/lib/linter/snapshots/linter.ts.snap
index 9fa4df8e1..d779a50b4 100644
Binary files a/test/lib/linter/snapshots/linter.ts.snap and b/test/lib/linter/snapshots/linter.ts.snap differ