🔥 3-day streak
CompTIA SecurityX (CAS-005)59 / 120
Question 59 of 120

A financial services company deploys an internal LLM-based chatbot that summarizes customer support tickets. Analysts noticed that when a ticket contains embedded HTML and JavaScript, the summarized output rendered in the agent's browser-based dashboard executes the script, exposing session tokens. The model itself is behaving as designed, faithfully reproducing ticket content. Which control most directly addresses this vulnerability?

Reviewed for accuracy · Report an issueNext question