>_COMMAND ZERO
What vulnerability definitely exists on Melania's message board?","acceptedAnswer":{"@type":"Answer","text":"Correct Answer: A. Cross-site scripting. Explanation: The message board is clearly susceptible to a cross-site scripting (XSS) attack. The code that Melania discovered in the message is a definitive example of an attempt to conduct cross-site scripting, and the alert box that she received demonstrates that the vulnerability exists. The website may also be vulnerable to cross-site request forgery, SQL injection, improper authentication, and other attacks, but there is no evidence of this provided in the scenario."}}]},{"@context":"https://schema.org","@type":"Article","headline":"Melania is reviewing posts to a user forum on her company's website, and when she browses a certain...","description":"The message board is clearly susceptible to a cross-site scripting (XSS) attack. The code that Melania discovered in the message is a definitive...","url":"https://command-zero.com/learn/cissp/melania-is-reviewing-posts-to-a-user-forum-on-her-compan","author":{"@type":"Organization","name":"Command Zero","url":"https://command-zero.com"},"publisher":{"@type":"Organization","name":"Command Zero","logo":{"@type":"ImageObject","url":"https://command-zero.com/logo.png"}},"about":{"@type":"Thing","name":"CISSP"},"educationalLevel":"intermediate","keywords":"Software Development Security","isAccessibleForFree":true},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Learn","item":"https://command-zero.com/learn"},{"@type":"ListItem","position":2,"name":"CISSP","item":"https://command-zero.com/learn/cissp"},{"@type":"ListItem","position":3,"name":"Melania is reviewing posts to a user forum on her...","item":"https://command-zero.com/learn/cissp/melania-is-reviewing-posts-to-a-user-forum-on-her-compan"}]}]
medium
Single Answer
0

Melania is reviewing posts to a user forum on her company's website, and when she browses a certain post, a message pops up in a dialog box on her screen reading “Alert.” She reviews the source code for the post and finds the following code snippet: <script>alert(‘Alert’);</script> What vulnerability definitely exists on Melania's message board?

Answer Options

A

Cross-site scripting

B

Cross-site request forgery

C

SQL injection

D

Improper authentication

Correct Answer: A

Explanation

The message board is clearly susceptible to a cross-site scripting (XSS) attack. The code that Melania discovered in the message is a definitive example of an attempt to conduct cross-site scripting, and the alert box that she received demonstrates that the vulnerability exists. The website may also be vulnerable to cross-site request forgery, SQL injection, improper authentication, and other attacks, but there is no evidence of this provided in the scenario.