Question: An internal review of a web-based application system finds the ability to gain access to all employees’ accounts by changing the employee’s ID on the URL used for accessing the account.The vulnerability identified is:
A.) broken authentication.
B.) unvalidated input.
C.) cross-site scripting.
D.) Structured query language (SQL) injection.

Download pdf (with explanations) edition of this exam.