nerdexam
EC-Council

312-50V11 · Question #329

A security analyst in an insurance company is assigned to test a new web application that will be used by clients to help them choose and apply for an insurance plan. The analyst discovers that the ap

The correct answer is C. Cross-site scripting. The analyst injected a VBScript-based IMG tag payload into a search field that executed client-side script in the browser, demonstrating a Cross-site Scripting (XSS) vulnerability.

Hacking Web Applications

Question

A security analyst in an insurance company is assigned to test a new web application that will be used by clients to help them choose and apply for an insurance plan. The analyst discovers that the application is developed in ASP scripting language and it uses MSSQL as a database backend. The analyst locates the application's search form and introduces the following code in the search input field:

IMG SRC=vbscript:msgbox("Vulnerable");> originalAttribute="SRC" originalPath="vbscript:msgbox ("Vulnerable");>" When the analyst submits the form, the browser returns a pop-up window that says "Vulnerable". Which web applications vulnerability did the analyst discover?

Options

  • ACross-site request forgery
  • BCommand injection
  • CCross-site scripting
  • DSQL injection

How the community answered

(41 responses)
  • A
    5% (2)
  • B
    10% (4)
  • C
    71% (29)
  • D
    15% (6)

Why each option

The analyst injected a VBScript-based IMG tag payload into a search field that executed client-side script in the browser, demonstrating a Cross-site Scripting (XSS) vulnerability.

ACross-site request forgery

Cross-site request forgery involves tricking an authenticated user's browser into sending forged requests, not injecting executable script payloads into input fields.

BCommand injection

Command injection targets server-side OS shell interpreters by embedding shell metacharacters, not client-side browser script execution via HTML or VBScript tags.

CCross-site scriptingCorrect

XSS occurs when an application reflects unvalidated user input back to the browser, allowing malicious scripts to execute in the client context. The injected IMG SRC with vbscript:msgbox() is a classic XSS payload that triggers client-side script execution without touching the server-side database. The browser rendering the popup confirms the application fails to sanitize or encode user-supplied input before outputting it to the page.

DSQL injection

SQL injection manipulates database query logic through specially crafted input, not browser-rendered script tags like IMG SRC with vbscript.

Concept tested: Cross-site scripting (XSS) via script injection in input fields

Source: https://owasp.org/www-community/attacks/xss/

Topics

#cross-site scripting#XSS#vbscript injection#ASP web app

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice