Wentz Wu posted: " Cross-Site Scripting (XSS) is one of the most well-known application security risks in the OWASP Top 10. The attacker sends text-based attack scripts that exploit the interpreter in the browser to hijack user sessions, insert hostile content, redirec"
Cross-Site Scripting (XSS) is one of the most well-known application security risks in the OWASP Top 10. The attacker sends text-based attack scripts that exploit the interpreter in the browser to hijack user sessions, insert hostile content, redirect users, etc. Which of the following statements about XSS is correct? (Wentz QOTD) A. Detection of most XSS flaws is fairly easy via testing or code analysis. B. XSS is initiated only if a user clicks a link or button that activates malicious scripts. C. XSS is subject to and thwarted by the Cross-Origin Resource Sharing (CORS) policy. D. Malicious scripts that hijack user sessions are stored and executed on the webserver.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.