A victim browses to a news aggregator website through a link sent to them by an attacker. The attacker then alters the page delivered to the victim's browser and includes malicious links. What flaw on the news aggregator website allowed this attack to happen?
The flaw that allowed the attacker to alter the page delivered to the victim's browser by including malicious links is Reflected XSS (Cross-Site Scripting). In a reflected XSS attack, the attacker sends a specially crafted link to the victim. When the victim clicks on the link, the server reflects the malicious script back to the victim's browser. This script is then executed in the context of the trusted website, allowing the attacker to alter the page content, which includes injecting malicious links. Other options like SQL Injection, Cross-Site Request Forgery, and Buffer Overflow do not fit the described scenario.
I think correct answer is B
B. Reflected XSS (Cross-Site Scripting)