Which of the following scenarios is most likely to cause an injection attack?
A. Unvalidated input is embedded in an instruction stream.
B. Unvalidated input can be distinguished from valid instructions.
C. A Web application does not validate a client's access to a resource.
D. A Web action performs an operation on behalf of the user without checking a shared secr
E. None of the other choices
