“http: // www. MyPersonalBank. com/ account?

While using your bank’s online servicing you notice the following string in the URL bar:

“http: // www. MyPersonalBank. com/ account?id=368940911028389&Damount=10980&Camount=21”

You observe that if you modify the Damount & Camount values and submit the request, that data on the web page reflects the changes.

Which type of vulnerability is present on this site?
A . Cookie Tampering
B . SQL Injection
C . Web Parameter Tampering
D . XSS Reflection

Answer: C

Notify of
Inline Feedbacks
View all comments