"},{"@type":"Answer","text":"' OR '1'='1' --"},{"@type":"Answer","text":"../../../../etc/passwd%00"}]}]}
🔥 3-day streak
CompTIA PenTest+ (PT0-003)27 / 175
Question 27 of 175

During a web application assessment of a customer feedback portal, you notice that submitted comments are later exported by administrators into a CSV file and opened in Microsoft Excel. You want to test whether you can achieve code execution on an administrator's workstation through the data you submit. Which payload should you inject into the comment field to test this vulnerability?

Reviewed for accuracy · Report an issueNext question