Secure Coding

Welcome to our Secure Coding Vulnerability Quiz! Test your coding skills by identifying vulnerabilities in real-world code snippets. Learn about secure coding principles as you tackle SQL Injection, XSS, and more. Start the quiz and become a more security-conscious developer! Happy coding! Good luck and enjoy the quiz!

1. What security vulnerability is present in the following code snippet?

```java
public class PaymentService {
    public static void main(String[] args) {
        int userId = getUserIdFromRequest();
        String creditCard = getCreditCardInfo(userId);
        System.out.println("Credit card number: " + creditCard);
    }

    private static int getUserIdFromRequest() {
        return 123;
    }

    private static String getCreditCardInfo(int userId) {
        // Retrieve and return credit card information for the given user ID
        return "1234-5678-9012-3456";
    }
}
```

- Insecure Session Management
- Hardcoded Sensitive Data
- Sensitive Data Exposure
- Cross-Site Scripting (XSS)
- None

2. What security vulnerability is present in the following code snippet?

```java
import java.io.IOException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class ProfileServlet extends HttpServlet {
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws IOException {
        String name = request.getParameter("name");
        String bio = request.getParameter("bio");
        String website = request.getParameter("website");

        User user = new User();
        user.setName(name);
        user.setBio(bio);
        user.setWebsite(website);

        // Save the user profile
        saveUserProfile(user);

        // Redirect to the profile page
        response.sendRedirect("/profile");
    }
}
```

- SQL Injection
- Cross-Site Scripting (XSS)
- Insecure Direct Object Reference (IDOR)
- Insecure Session Management
- None

3. What security vulnerability is present in the following code snippet?

```java
import java.io.BufferedReader;
import java.io.InputStreamReader;

public class PLATFORM {
    public static void main(String[] args) throws Exception {
        Process p = Runtime.getRuntime().exec(args[0]);
        BufferedReader in = new BufferedReader(new InputStreamReader(p.getInputStream()));
        String line;
        while ((line = in.readLine()) != null) {
            System.out.println(line);
        }
    }
}
```

- SQL Injection
- Cross-Site Scripting (XSS)
- Cross-Site Request Forgery (CSRF)
- Remote Code Execution
- None

4. What security vulnerability is present in the following code snippet?

```java
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Scanner;

public class PizzaDeliveryApp {
    public static void main(String[] args) {
        Scanner scanner = new Scanner(System.in);
        System.out.println("Enter the URL of the pizza menu:");
        String menuUrl = scanner.nextLine();
        try {
            URL url = new URL(menuUrl);
            BufferedReader reader = new BufferedReader(new InputStreamReader(url.openStream()));
            String inputLine;
            while ((inputLine = reader.readLine()) != null) {
                System.out.println(inputLine);
            }
            reader.close();
        } catch (MalformedURLException e) {
            System.err.println("Invalid URL: " + e.getMessage());
        } catch (IOException e) {
            System.err.println("Failed to fetch the menu: " + e.getMessage());
        }
    }
}
```

- Cross-Site Scripting (XSS)
- Server-Side Request Forgery (SSRF)
- Insecure Deserialization
- Open Redirection
- None

5. What security vulnerability is present in the following code snippet?

```java
import java.io.FileInputStream;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class FileInclusionServlet extends HttpServlet {
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String fileName = request.getParameter("file");
        FileInputStream fis = new FileInputStream(fileName);
        ServletOutputStream outputStream = response.getOutputStream();
        int ch;
        while ((ch = fis.read()) != -1) {
            outputStream.write(ch);
        }
        fis.close();
        outputStream.close();
    }
}
```

- Cross-Site Scripting (XSS)
- SQL Injection
- Local File Inclusion
- Server-Side Request Forgery
- The code is secure; no vulnerability exists
- None

6. What security vulnerability is present in the following code snippet?

```java
// This code allows the user to view a list of accounts by specifying the account ID in the URL parameter
String accountId = request.getParameter("accountId");
Account account = accountDao.getAccountById(accountId);
response.getWriter().write(account.toString());
```

- Cross-Site Scripting (XSS)
- Cross-Site Request Forgery (CSRF)
- Insecure Direct Object Reference (IDOR)
- SQL Injection
- None