👻🕸️ Cybersecurity Awareness Month Sale - 50% off select memberships! 🕸️👻

1 day, 12 hours remaining!

Free CompTIA Security+ SY0-701 Practice Question

A company's web application includes user input in web pages without proper validation or encoding. Attackers inject code that runs in the browsers of other users, potentially stealing session tokens and personal data. Which vulnerability is being exploited by attackers?

  • Cross-site scripting (XSS)

  • Remote file inclusion

  • Cross-site request forgery (CSRF)

  • SQL injection

This question's topic:
CompTIA Security+ SY0-701 / 
Threats, Vulnerabilities, and Mitigations
Your Score:

Check or uncheck an objective to set which questions you will receive.