Complete the code to identify the type of attack shown in the script.
alert('This is an example of [1] attack');
This script shows an alert box, which is a common example used to demonstrate a Cross-site scripting (XSS) attack.
Complete the sentence to explain how XSS attacks occur.
XSS attacks happen when a website [1] user input without proper validation.XSS attacks occur when a website displays user input without properly validating or sanitizing it, allowing malicious scripts to run.
Complete the code that allows XSS by completing the blank.
document.getElementById('output').innerHTML = [1];
Assigning userInput directly to innerHTML without sanitization allows XSS. The blank expects the unsafe code that causes the vulnerability.
Fill both blanks to create a safe way to display user input and prevent XSS.
const safeInput = [1](userInput); document.getElementById('output').textContent = [2];
escapeHTML converts special characters to safe codes, and textContent safely displays the text without running scripts.
Fill all three blanks to create a dictionary comprehension that filters and safely processes user inputs to prevent XSS.
safeInputs = { [1]: [2] for user, input in inputs.items() if '[3]' not in input }This comprehension creates a dictionary with usernames as keys and escaped inputs as values, excluding inputs containing the <script> tag to prevent XSS.