Category: EITC$/$IS$/$WASF

Which of the statements below are true

OWASP Top $10$ security risks include Injection attacks.

One of the ways to defend from XSS $($cross$-$site scripting$)$ attacks is to use HTTP$-$only cookies which will not be available to JavaScript running in the browser.

Code injection attacks cannot be executed in compiled programming languages $($such as Java$).$

Attacking a web service may allow hackers to mine cryptocurrencies.