Which of the following conditions must be met to exploit this vulnerability?

During a penetration test, a tester finds that the web application being analyzed is vulnerable to
Cross Site Scripting (XSS). Which of the following conditions must be met to exploit this vulnerability?

A. The web application does not have the secure flag set.

B. The session cookies do not have the HttpOnly flag set.

C. The victim user should not have an endpoint security solution.

D. The victim’s browser must have ActiveX technology enabled.




@ibraheem_111

B. The session cookies do not have the HttpOnly flag set.
================================================================

Explanation of HTTPOnly Cookies in Presence Cross-Site Scripting

https://www.youtube.com/watch?v=YCfInEFWbVA