Question

Which one of these code fragments could possibly be a comment that could be used to perform a XSS injection?

Select one:

a. <script>Evil()</script>

b. DROP TABLE users;

c. admin’ OR 1=1 --

Solutions

Expert Solution

Which one of these code fragments could possibly be a comment that could be used to perform a XSS injection?

Ans: a) <script>Evil()</script>

XSS is Cross Site Scripting, which is a malicious code injection executed in the victim's browser.

XSS is used to steal users' cookies or session tokens and other information. These help users log in automatically without any login credentials.

This XSS script can be executed on a vulnerable search field. When a user enters the script in the search box, it gets executed.

XSS scripts can also be combined with JavaScript in order to execute.

Types of XSS attacks:

  • Reflected XSS - Malicious script is not stored on the web server but is reflected in site results.
  • Stored XSS - Malicious script is stored on the web server and can be executed permanently.
  • DOM - In this attack, the DOM environment is changed but the code is the same.

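The difference between rendering the comment from option (a) as markup and rendering it as text, as an added example that is not part of the original answer. The function names are hypothetical, and the three inputs are the question's own options.

```javascript
// Added example: output encoding for a stored comment (all names hypothetical).
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Encode the five characters that let text break out of an HTML text or
// quoted-attribute context.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable renderer: the comment is concatenated into the page as markup.
function renderCommentUnsafe(comment) {
  return '<li class="comment">' + comment + "</li>";
}

// Hardened renderer: the comment is encoded, so the browser shows it as text.
function renderCommentSafe(comment) {
  return '<li class="comment">' + escapeHtml(comment) + "</li>";
}

// Rough check for this demonstration only: does the rendered HTML contain a
// script start tag that a browser would parse as an element?
function containsScriptElement(html) {
  return /<script[\s>]/i.test(html);
}

// The three answer options from the question. The typographic quote in
// option (c) is written here as an ASCII apostrophe.
const OPTIONS = {
  a: "<script>Evil()</script>",
  b: "DROP TABLE users;",
  c: "admin' OR 1=1 --",
};

// For each option, report whether a script element reaches the page
// through the unsafe and the safe renderer.
function classify() {
  const result = {};
  for (const [key, comment] of Object.entries(OPTIONS)) {
    result[key] = {
      unsafe: containsScriptElement(renderCommentUnsafe(comment)),
      safe: containsScriptElement(renderCommentSafe(comment)),
    };
  }
  return result;
}

console.log(classify());
```

Only option (a) produces a script element, and only through the unsafe renderer. Options (b) and (c) are SQL fragments that carry no HTML markup, which is why they are not XSS payloads.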

