Pingo Question - Detection of XSS Execution - Lecture 04

0 votes
Hello,
I’m unsure about this Pingo question (slide 40): "Which component can always detect XSS execution?"
Options:
    A) Browser
    B) Server side web application
    C) Server side database
    D) None of the above answers is correct
The browser executes Javascript, but can it always detect XSS execution? That’s why I would choose D as the correct answer. Or did I misunderstand the question?
Thanks!
in General/Lecture/Exam by
edit history

1 Answer

0 votes
Yes, D) is the correct answer here. There are examples in the lecture for types of XSS that can “work around” each of the other answers :)

Maybe try to come up with a type of XSS for each other answer. If you need help with understanding any of A, B, or C, please ask again; otherwise I would let that be an exercise for your understanding ;)
by (2.3k points)
edit history