nerdexam
EC-Council

312-50V13 · Question #628

During a penetration test, an ethical hacker is exploring the security of a complex web application. The application heavily relies on JavaScript for client-side input sanitization, with an apparent a

The correct answer is D. Launch a Cross-Site Scripting (XSS) attack, aiming to bypass the client-side sanitization and. Explanation Launching a Cross-Site Scripting (XSS) attack is the most effective strategy because it directly exploits both identified vulnerabilities simultaneously - client-side-only JavaScript sanitization (which can be bypassed by crafting malicious payloads that circumvent or

Submitted by packet_pusher· Mar 6, 2026Hacking Web Applications

Question

During a penetration test, an ethical hacker is exploring the security of a complex web application. The application heavily relies on JavaScript for client-side input sanitization, with an apparent assumption that this alone is adequate to prevent injection attacks. During the investigation, the ethical hacker also notices that the application utilizes cookies to manage user sessions but does not enable the HttpOnly flag. This lack of flag potentially exposes the cookies to client-side scripts. Given these identified vulnerabilities, what would be the most effective strategy for the ethical hacker to exploit this application?

Options

  • AInstigate a Distributed Denial of Service (DDoS) attack to overload the server, capitalizing on
  • BImplement an SQL Injection attack to take advantage of potential unvalidated input and gain
  • CEmploy a brute-force attack to decipher user credentials, considering the lack of server-side
  • DLaunch a Cross-Site Scripting (XSS) attack, aiming to bypass the client-side sanitization and

How the community answered

(15 responses)
  • A
    13% (2)
  • B
    7% (1)
  • C
    27% (4)
  • D
    53% (8)

Explanation

Explanation

Launching a Cross-Site Scripting (XSS) attack is the most effective strategy because it directly exploits both identified vulnerabilities simultaneously - client-side-only JavaScript sanitization (which can be bypassed by crafting malicious payloads that circumvent or are injected outside the sanitization logic) and the missing HttpOnly flag, which allows injected scripts to access and steal session cookies. XSS is purpose-built for exactly this attack surface, enabling session hijacking with minimal friction.

  • Option A (DDoS) is wrong because it targets availability, not the specific vulnerabilities identified; it neither exploits JavaScript sanitization gaps nor cookie exposure.
  • Option B (SQL Injection) targets database input handling, but the scenario's vulnerabilities are centered on client-side sanitization and cookie management - not necessarily unvalidated database queries.
  • Option C (Brute-force) attacks authentication credentials through repetition and has no relevance to the JavaScript sanitization or HttpOnly cookie vulnerabilities described.

Memory Tip: Think "XSS = Cookie Monster" - whenever you see missing HttpOnly flag + client-side-only sanitization, XSS is the attacker's best friend because it lets scripts steal cookies directly from the browser.

Topics

#Cross-Site Scripting (XSS)#Client-side input sanitization#HttpOnly flag#Session hijacking

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice