CREST Practitioner Security Analyst (CPSA) Practice


Master the CREST Practitioner Security Analyst Exam. Prepare with quizzes and comprehensive study guides that include tips and explanations. Excel in your certification journey!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!



What type of vulnerability typically allows for the stealing of cookies through non-persistent XSS?

  1. QueryString manipulation

  2. Code execution

  3. Data corruption

  4. Session fixation

The correct answer is: QueryString manipulation

The correct choice follows from how non-persistent (reflected) cross-site scripting (XSS) works. In non-persistent XSS, the attacker injects a malicious script into a web application in such a way that it is executed in the context of the victim's browser when the victim loads a page.

QueryString manipulation is the technique commonly used in non-persistent XSS attacks: the attacker abuses the parameters in the URL, known as the query string. When script is placed in a query-string parameter that the application reflects into the page without proper output encoding, it runs when the user unknowingly opens the crafted URL. That execution may result in the theft of session cookies, allowing the attacker to impersonate the user.

The other options do not primarily describe cookie theft through the query string. Code execution names an outcome without specifying the vector or method used, while data corruption concerns the integrity of data rather than the interception of cookies. Session fixation is a different attack in which the attacker sets the user's session identifier; it does not involve manipulating query strings for XSS purposes. Thus, the emphasis on QueryString manipulation as a means of stealing cookies through non-persistent XSS highlights the methodical