Multiple choice technology security

Identify the weakness in the below JSP file:

1    
2  ...   
3  Dear User,   
4    
5  If you liked our services, then you would like to refer it to your friends.   
6    
7  Click on the below link:    
8    
9  <a href="/CWE/ReferAFriendAction?pageRedirect=">"&gt;  "Refer a Friend"!</a>  10  ...  
11 

  1. Information Disclosure

  2. Cross Site Scripting

  3. Usage of Risky Encryption

  4. All of the above

Reveal answer Fill a bubble to check yourself
C Correct answer
Explanation

The code uses Base64 encoding to obfuscate the redirect URL. Base64 is a reversible encoding scheme, not encryption, representing a usage of risky/non-existent encryption to secure sensitive parameter values. Since other options are also relevant, 'Usage of Risky Encryption' is the specific implementation flaw shown here.