A hacker successfully modified the sale price of items purchased through your company's web site. During the investigation that followed, the security analyst has verified the web server, and the Oracle database was not compromised directly. The analyst also found no attacks that could have caused this during their log verification of the Intrusion Detection System (IDS). What is the most likely method that the attacker used to change the sale price of the items purchased

In a situation were the hacker successful change the price of the items he/she purchased through the web site of the company's in which the company web server as well as the company Oracle database were not compromised directly which means that the most likely method in which the attacker used to modified the sale price of the items he/she purchased was by modifying the HIDDEN FORM VALUE that was in the local copy of the company web page making it easy for the HIDDEN FORM VALUE to be vulnerable to the hacker because the hidden form value did not store the company server side information or data but only store the company software state information which is why HIDDEN FORM VALUE should not be trusted.