Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

An insurance company has developed a new web application to allow its customers to choose and apply for an insurance plan. You have been asked

An insurance company has developed a new web application to allow its customers to choose and apply for an insurance plan. You have been asked to help perform a security review of the new web application. You have discovered that the application was developed in ASP and used MSSQL for its backend database. You have been able to locate an application's search form and introduced the following code in the search input field:
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
IMG SRC=vbscript:msgbox("Vulnerable_to_Attack");> originalAttribute="SRC"
originalPath="vbscript:msgbox("Vulnerable_to_Attack ");>"
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
When you click submit on the search form, your web browser returns a pop-up window that displays Vulnerable_to_Attack. Which of the following vulnerabilities did you discover in the web application?
Cross-site request forgery
Command injection
Cross-site scripting -- This is the correct answer
SQL injection
Can you please provide an explanation as to why this answer is correct so I can be prepared on the CySA+ certification exam.

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image_2

Step: 3

blur-text-image_3

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Database In Depth Relational Theory For Practitioners

Authors: C.J. Date

1st Edition

0596100124, 978-0596100124

More Books

Students also viewed these Databases questions

Question

Contrast a sale and leaseback with direct leasing.

Answered: 1 week ago

Question

Discuss ethical guidelines for intercultural communication

Answered: 1 week ago