
PT0-002 Question #398: Real Exam Question with Answer & Explanation

The correct answer is D: Cross-site scripting.

Vulnerability discovery and analysis

Question

A company developed a new web application to allow its customers to submit loan applications. A penetration tester is reviewing the application and discovers that the application was developed in ASP and used MSSQL for its back-end database. Using the application's search form, the penetration tester inputs the following code in the search input field:

    <IMG SRC=vbscript:msgbox("Vulnerable_to_Attack");>

When the tester clicks the submit button on the search form, the web browser returns a pop-up window that displays "Vulnerable_to_Attack." Which of the following vulnerabilities did the tester discover in the web application?

Options

  • A. SQL injection
  • B. Command injection
  • C. Cross-site request forgery
  • D. Cross-site scripting

Explanation

The penetration tester discovered a Cross-site Scripting (XSS) vulnerability, as evidenced by the web application executing client-side VBScript code injected into a search form field, resulting in a pop-up message. This occurs when the application fails to properly sanitize user input before rendering it in the browser.
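The difference between reflecting the search term raw and HTML-encoding it first, shown as an added example that is not part of the original question or the application it describes. The render functions and the checker are hypothetical stand-ins for the ASP search page; in classic ASP the encoding step corresponds to `Server.HTMLEncode`.

```python
import html
from html.parser import HTMLParser

# The search input from the question, with spacing normalized (constructed test string).
PAYLOAD = '<IMG SRC=vbscript:msgbox("Vulnerable_to_Attack");>'


def render_vulnerable(term: str) -> str:
    """Hypothetical search page: reflects the term with no output encoding."""
    return f"<p>Results for: {term}</p>"


def render_hardened(term: str) -> str:
    """Same page, but the term is HTML-encoded so it is rendered as text."""
    return f"<p>Results for: {html.escape(term, quote=True)}</p>"


class TagCollector(HTMLParser):
    """Records every element (and its attributes) an HTML parser sees."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append((tag, dict(attrs)))


def parsed_tags(page: str):
    collector = TagCollector()
    collector.feed(page)
    collector.close()
    return collector.tags


def injected_script_urls(page: str):
    """Return (tag, attribute, value) for attributes that use a script URL scheme."""
    hits = []
    for tag, attrs in parsed_tags(page):
        for name, value in attrs.items():
            if value and value.strip().lower().startswith(("vbscript:", "javascript:")):
                hits.append((tag, name, value))
    return hits


if __name__ == "__main__":
    print("raw    :", injected_script_urls(render_vulnerable(PAYLOAD)))
    print("encoded:", injected_script_urls(render_hardened(PAYLOAD)))
```

In the raw response the parser sees an `img` element whose `src` carries a `vbscript:` URL, which is what produced the pop-up; in the encoded response the same input is only text inside the `<p>` element.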

Common mistakes.

  • A. SQL injection involves manipulating database queries through input fields, typically resulting in unauthorized data access or modification, not the execution of client-side scripts in a browser pop-up.
  • B. Command injection allows an attacker to execute arbitrary commands on the host operating system, which would not manifest as a VBScript pop-up in the user's web browser.
  • C. Cross-site request forgery (CSRF) involves tricking a logged-in user into performing unwanted actions on a web application, and it does not involve injecting and executing client-side scripts like the example shows.

Concept tested. Web application vulnerabilities - Cross-site scripting (XSS)

Reference. https://owasp.org/www-community/attacks/xss/

Topics

#Cross-site scripting (XSS) #Web application vulnerabilities #Input validation
