Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Salesforce Exam Platform Developer I Topic 2 Question 93 Discussion

Actual exam question for Salesforce's Platform Developer I exam
Question #: 93
Topic #: 2
[All Platform Developer I Questions]

Which code in a Visualforce page and/or controller might present a security vulnerability?

Show Suggested Answer Hide Answer
Suggested Answer: B

Contribute your Thoughts:

Dion
4 months ago
Hmmm, I'd say B is the clear winner here. Or should I say, the clear loser? Security, people, security!
upvoted 0 times
...
Matt
4 months ago
Ha! I bet the developers who wrote option B were like, 'What could possibly go wrong?' Famous last words, my friend.
upvoted 0 times
Allene
4 months ago
Yeah, using {!sCurrentPage.parameters.userInput} without escaping is dangerous.
upvoted 0 times
...
Raina
4 months ago
Option B looks risky.
upvoted 0 times
...
...
Floyd
4 months ago
Option B? More like option 'Oh no, you didn't!' Yikes, that's a security nightmare waiting to happen.
upvoted 0 times
Stephen
3 months ago
Yeah, that's a big no-no. Always sanitize user input for security.
upvoted 0 times
...
Sabrina
3 months ago
User input directly in the outputText? Definitely a security risk.
upvoted 0 times
...
Tyisha
4 months ago
Option B? More like option 'Oh no, you didn't!' Yikes, that's a security nightmare waiting to happen.
upvoted 0 times
...
...
Nikita
4 months ago
That makes sense. Thanks for pointing that out.
upvoted 0 times
...
Farrah
5 months ago
B looks like the one that could present a security vulnerability. Allowing unescaped user input to be rendered on the page could lead to potential cross-site scripting (XSS) attacks.
upvoted 0 times
Yolande
4 months ago
It's important to sanitize and escape user input to protect against security risks.
upvoted 0 times
...
Helene
4 months ago
Definitely, security should always be a top priority when coding.
upvoted 0 times
...
Marjory
4 months ago
We should always be careful with user input to prevent security vulnerabilities.
upvoted 0 times
...
Adell
4 months ago
Yes, allowing unescaped user input to be rendered on the page could lead to potential XSS attacks.
upvoted 0 times
...
Carolann
4 months ago
We should always be careful with user input to prevent any XSS attacks.
upvoted 0 times
...
Chantay
4 months ago
I think B is the one that could present a security vulnerability.
upvoted 0 times
...
Mila
4 months ago
I agree, option B could definitely lead to a security vulnerability.
upvoted 0 times
...
...
Gail
5 months ago
Because the value attribute is not properly escaped, making it vulnerable to cross-site scripting attacks.
upvoted 0 times
...
Nikita
5 months ago
Why do you think that?
upvoted 0 times
...
Gail
5 months ago
I think option A might present a security vulnerability.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77