Lab 5.2 OS Command injection Quiz answer options

dtowerss

Hi guys,

In the Quiz for section 5.2, I think the current "correct" answer is not the correct answer for the question.

The question is:
Which coding practice can lead to OS command injection vulnerability?

and the current correct answer is:
Proper input validation and sanitation.

I think the question needs to be update to something like:
Which coding practice can help to prevent OS command injection vulnerability?

to match the current question, or make:

"Use of functions that directly execute commands without proper validation or escape mechanisms" the correct answer.

lrosso

Came here to point the same mistake.
Correct answer should be "Use of functions..."