Certified Ethical Hacker (CEH v12) — Question 240

An ethical hacker is testing a web application of a financial firm. During the test, a 'Contact Us' form's input field is found to lack proper user input validation, indicating a potential Cross-Site Scripting (XSS) vulnerability. However, the application has a stringent Content Security Policy (CSP) disallowing inline scripts and scripts from external domains but permitting scripts from its own domain. What would be the hacker's next step to confirm the XSS vulnerability?

Answer options

• A. Utilize a script hosted on the application's domain to test the form
• B. Try to disable the CSP to bypass script restrictions
• C. Inject a benign script inline to the form to see if it executes
• D. Load a script from an external domain to test the vulnerability

Correct answer: A

Explanation

The correct answer is A because the application's CSP allows scripts from its own domain, which means the ethical hacker can use a domain-hosted script to test the XSS vulnerability. Options B and D are not viable due to the CSP restrictions, and option C is ineffective since the CSP disallows inline scripts.