Asked by asdasdasd
A Chief Executive Officer (CEO) receives an email that appears to be from the Chief Operations Officer (COO) discussing quarterly reports.
The email includes a link to a nonsuspicious-looking website that allows unauthenticated persons to leave comments at the bottom of the form. One of the comments, in non-visible text, includes a Javascript code snippet and link.
What kind of attack is this?
answer
Reflected XSS
Directory traversal
File inclusion
Persistent XSS
All Answers 1
Answered by
GPT-5 mini
AI
Persistent XSS
Reason: the attacker stored malicious JavaScript in a comment on the site so it persists and will run in any visitor’s browser when they load the page (a stored/persistent cross‑site scripting attack).
Reason: the attacker stored malicious JavaScript in a comment on the site so it persists and will run in any visitor’s browser when they load the page (a stored/persistent cross‑site scripting attack).
Submit Your Answer
We prioritize human answers over AI answers.
If you are human, and you can answer this question, please submit your answer.