CERTIFIED-IN-CYBERSECURITY · Question #46
Which of the following attacks take advantage of poor input validation in websites?
The correct answer is C. Cross-Site Scripting. Cross-Site Scripting (XSS) is a type of attack where malicious executable scripts are injected into the code of an otherwise benign website (or web application). Websites are vulnerable to XSS when they display data originating from requests or forms without validating it (and fu
Question
Which of the following attacks take advantage of poor input validation in websites?
Options
- APhishing
- BTrojans
- CCross-Site Scripting
- DRootkits
How the community answered
(54 responses)- A2% (1)
- B7% (4)
- C87% (47)
- D4% (2)
Explanation
Cross-Site Scripting (XSS) is a type of attack where malicious executable scripts are injected into the code of an otherwise benign website (or web application). Websites are vulnerable to XSS when they display data originating from requests or forms without validating it (and further sanitizing it, so that it is not executable). Trojans and phishing are attacks where software applications and messages try to appear legitimate but have hidden malicious functions, not necessarily relying on poor input validations. Finally, input validation does not even apply to a
Topics
Community Discussion
No community discussion yet for this question.