In the following code, which is the location of vulnerability? 1 bIsAdmin = true; 2 try 3 { 4 function (); 5 bIsAdmin = isAdminUser(userName); 6 } 7 catch (Exception ex) 8 { 9 log.write(ex.toString()); 10 }

technology security

  1. Line 1

  2. Line 5

  3. Line 7

  4. Line 9

Show answer
Correct Option: A

AI Explanation

To answer this question, we need to identify the location of the vulnerability in the given code.

In this code snippet, the vulnerability is located at line 1: bIsAdmin = true;.

The variable bIsAdmin is being set to true without any validation or authentication checks. This means that any user can be assigned the bIsAdmin value of true, regardless of their actual user privileges. This can potentially lead to unauthorized access or privilege escalation if the bIsAdmin value is used to control access or perform critical operations.

Therefore, the correct answer is A) Line 1.

Find more quizzes: