Which one of the following statements best describes a command injection attack?
A. The goal of a command injection attack is to exfiltrate data on the web server’s operating system via a vulnerable web application.
B. The goal of a command injection attack is to execute arbitrary commands on the mail server.
C. The user enters arbitrary commands on the web server’s OS via a vulnerable web application.
D. The goal of a command injection attack is to execute arbitrary commands on the web server’s OS via a vulnerable web application.