Code injection is a form of attack in which a malicious user:

A. Inserts text into a data field

that gets interpreted as code

B. Gets the server to execute arbitrary code using a buffer overflow

C. Inserts additional code into the JavaScript running in the browser

D. Gains access to the codebase on the server and inserts new code