CompTIA Security+ SY0-701 Practice Question
A security analyst is reviewing the output of a vulnerability scan before importing it into the risk management register. The analyst notices an entry for CVE-2023-9999, which mentions that the software has unpatched SQL injection weaknesses. How should the analyst classify this vulnerability?
Cross-site Scripting (XSS)
Insecure Deserialization
Injection Flaws
Security Misconfiguration