Certified Ethical Hacker (CEH v10) — Question 144

The Open Web Application Security Project (OWASP) is the worldwide not-for-profit charitable organization focused on improving the security of software. What item is the primary concern on OWASP's Top Ten Project Most Critical Web Application Security Risks?

Answer options

• A. Cross Site Scripting
• B. Injection
• C. Path disclosure
• D. Cross Site Request Forgery

Correct answer: B

Explanation

The primary concern listed in OWASP's Top Ten Project is Injection, which encompasses flaws that allow attackers to send untrusted data to an interpreter. Cross Site Scripting (A) and Cross Site Request Forgery (D) are significant risks but are not the top priority. Path disclosure (C) is also a concern but is less critical than Injection.