Question
Which of the following best describes the mechanism of a
Cross-Site Scripting (XSS) attack?Solution
A Cross-Site Scripting (XSS) attack involves injecting malicious scripts, typically JavaScript, into web pages that are later viewed by other users. This attack exploits vulnerabilities in web applications that fail to properly validate or sanitize user inputs. When a victim visits the compromised web page, the malicious script executes in their browser, potentially stealing sensitive data, hijacking sessions, or defacing websites. XSS is categorized into three types: reflected, stored, and DOM-based. Stored XSS is particularly dangerous because the malicious script is permanently stored on the server and served to multiple users. For instance, attackers might inject a script into a comment section of a blog, and every user viewing the comments becomes a victim. Proper input validation, output encoding, and Content Security Policy (CSP) implementation are essential defenses against XSS. Why Other Options Are Incorrect :
- Exploiting vulnerabilities in a database to inject malicious SQL queries : This describes SQL Injection, which targets backend databases rather than injecting scripts into web pages.
- Tricking users into executing unintended actions on a web application they are authenticated with : This is a Cross-Site Request Forgery (CSRF) attack, not XSS.
- Overwhelming a server with excessive traffic to disrupt service availability : This refers to Distributed Denial-of-Service (DDoS) attacks, unrelated to injecting scripts.
- Using trial-and-error methods to guess valid user credentials : This describes a Brute Force attack, which involves guessing passwords and does not involve script injection.
Where was the 3rd test match of England vs India Test Series 2021 played?
Dr.Teejan Bai, a Padma Shri, Padma Bhushan and Padma Vibhushan awardee is globally recognised for her contribution to which of the following art forms?
Which of the following is correct?
Consider the following statements about natural phenomena.
1. Penitentes are formed in high altitudes where sunlight turns ice directly into wate...
Anish Shah, the newly appointed President of the Federation of Indian Chambers of Commerce and Industry (FICCI) for the term 2023-24, currently holds th...
0.5 is what percentage of 20?
Recently Rohan Bopanna won a Grand Slam title at Australian Open 2024, when did he win his 1st Grand Slam title?
Prithviraj Raso, an epic poem about the life of the 12th century Indian king, Prithviraj Chauhan, was written by:
_______ union territory has the highest literacy rate as per 2011 census.
Who had assumed the title of Balban?