John has been told to turn off all scripting capabilities within his webbrowser. Which of the following attack types would this best thwart?
A.
Directory transversal
B.
UNICODE
C.
Smurf
D.
XSS
Explanation:
The term "cross-site scripting" (XSS) refers to an attack where a vulnerability is found on a web site that allows an attacker to inject malicious code into a web application. The malicious code can then be executed in the browsers of unsuspecting users as they access the site. Turning off all scripting would fix this vulnerability, but would break a lot of web applications.