A web application is susceptible to cross-site scripting. Which two methods allow this issue to be mitigated? (Choose two.)
A. Use only drop downs.
B. Limit user input to acceptable characters.
C. Encrypt user input on the client side.
D. Use AES encryption to secure the script.
E. Remove all HTML/XML tags from user input.
Correct answer is BE.
You would want to prevent scripts inside an input field. This requires checking characters and stripping tags.
https://portswigger.net/web-security/cross-site-scripting