What type of attack involves injecting scripts into web pages?

The correct choice involves the concept of Cross-Site Scripting (XSS), which is a type of web security vulnerability. In XSS attacks, an attacker injects malicious scripts into content that is served to other users. This occurs when a web application allows users to include untrusted data in web pages without proper validation or escaping. When users visit the affected web page, the injected scripts run in their browser, which can lead to various malicious outcomes, such as stealing session cookies, redirecting users to fraudulent websites, or performing actions on behalf of the user.

In contrast, other options pertain to different types of attacks. For example, SQL Injection is focused on executing unauthorized SQL commands against a database, while Denial of Service aims to make a service unavailable to its users. Phishing typically involves tricking users into revealing sensitive information, often by masquerading as a trustworthy entity. Each of these attack methods targets different aspects of web application vulnerabilities, highlighting the unique nature of Cross-Site Scripting as it pertains specifically to the injection of scripts into web pages.