what kind of software design problem?

An attacker gains access to a Web server’s database and displays the contents of the table that holds all of the
names, passwords, and other user information. The attacker did this by entering information into the Web site’s
user login page that the software’s designers did not expect to be entered. This is an example of what kind of
software design problem?

An attacker gains access to a Web server’s database and displays the contents of the table that holds all of the
names, passwords, and other user information. The attacker did this by entering information into the Web site’s
user login page that the software’s designers did not expect to be entered. This is an example of what kind of
software design problem?

A.
Insufficient input validation

B.
Insufficient exception handling

C.
Insufficient database hardening

D.
Insufficient security management

Explanation:
The most common web application security weakness is the failure to properly validate input coming from the
client or from the environment before using it. This weakness leads to almost all of the major vulnerabilities in
web applications, such as cross site scripting, SQL injection, interpreter injection, locale/Unicode attacks, file
system attacks, and buffer overflows.
https://www.owasp.org/index.php/Testing_for_Input_Validation



Leave a Reply 0

Your email address will not be published. Required fields are marked *