What is the result of this test?

You are carrying out the last round of testing for your new website before it goes live. The website has many dynamic pages and connects to a SQL backend that accesses your product inventory in a database. You come across a web security site that recommends inputting the following code into a search field on web pages to check for vulnerabilities:

<script>alert("This is a test.")</script>

When you type this and click on search, you receive a pop-up window that says:

"This is a test."

What is the result of this test?

You are carrying out the last round of testing for your new website before it goes live. The website has many dynamic pages and connects to a SQL backend that accesses your product inventory in a database. You come across a web security site that recommends inputting the following code into a search field on web pages to check for vulnerabilities:

<script>alert("This is a test.")</script>

When you type this and click on search, you receive a pop-up window that says:

"This is a test."

What is the result of this test?

A.
Your website is vulnerable to web bugs

B.
Your website is vulnerable to CSS

C.
Your website is not vulnerable

D.
Your website is vulnerable to SQL injection

Show Hint

Leave a Reply 2

Your email address will not be published. Required fields are marked *

Cyberius

Cyberius

I think this should be correct not to CSS but to XSS

Reply

TexPro

TexPro

Hi

Thanks, I feel the author/writer is specific to the meaning of the subject. Therefore, when you express in terminology XSS is right to mean cross-site-scripting CSS

Reply