Question
This question is about security of dynamic web applications. You have been hired as a web security expert by Town Tools, who are about to
This question is about security of dynamic web applications.
You have been hired as a web security expert by Town Tools, who are about to launch their online tool hire website. The website has been developed using node.js and the Express framework, with EJS as the templating engine. On your first day, you are shocked to discover the following route handling code in main.js on the site:
Describe three distinct security vulnerabilities you can see, the risk posed by each vulnerability and the approach you would take to address each vulnerability. There is no need to write working code in your answer, but reference any libraries and coding techniques you would use and write code snippets where it helps to illustrate your response.
For the vulnerability, give the common name for the vulnerability or a short description. For each risk, explain how the vulnerability could be exploited and give an example of what damage could be done by a hacker. For the remedy, explain how you would change the coding approach to fix the vulnerability.
Record your answers in a table like this:
\begin{tabular}{|l|l|l|} \hline Vulnerability & Risk and Example & Remedy \\ \hline & & \\ \hline & & \\ \hline & & \\ \hline \end{tabular}Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started