When someone is successfully able to target an app with credential stuffing, it’s because the app was not configured properly to eliminate which type of vulnerability?
a) Lack of rate limiting
b) Strong encryption
c) Proper input validation
d) Adequate logging