WebDynamics experienced altered webpage content due to stored Cross-Site Scripting (XSS) attacks caused by lack of output encoding. What should be the main focus to prevent this?
A. Implement proper output encoding for displayed content.
Comprehensive and Detailed Explanation (ECIH-aligned):
Stored XSS vulnerabilities arise when untrusted input is rendered without proper output encoding. The ECIH Web Application module clearly states that output encoding is the primary defense against XSS.
Option A is correct because encoding ensures that user-supplied input is treated as data rather than executable script. This directly prevents malicious script execution in users’ browsers.
Options B and C provide additional protection but do not fix the root cause. Option D is unrelated to XSS prevention.
ECIH emphasizes fixing vulnerabilities at the application logic level, making output encoding the correct focus.