🔥 3-day streak
ISC2 CISSP — Certified Information Systems Security Professional114 / 129
Question 114 of 129
A security assessment of a company's customer support web portal reveals that comments submitted by users are stored in a database and later rendered on an agent's dashboard. A tester submitted a comment containing a script tag, and when an agent opened the ticket queue, the script executed in the agent's browser and exfiltrated the agent's session token. Which control most directly prevents this class of vulnerability?
Reviewed for accuracy · Report an issueNext question