A penetration tester was able to gain unauthorized access to a hypervisor platform. Which of the following vulnerabilities was most likely exploited?

Cross-site scripting (XSS) is a web security vulnerability typically found in web applications, where an attacker injects malicious scripts into content viewed by users. This type of attack primarily targets client-side scripts rather than underlying hypervisor technologies, rendering it unsuitable for gaining unauthorized access to hypervisor platforms.

SQL injection is a code injection technique that exploits vulnerabilities in an application's software by inserting malicious SQL queries into input fields. While this can compromise databases and applications, it does not relate directly to hypervisor platforms or their management, making it an unlikely choice for accessing a hypervisor.

A race condition occurs when the behavior of software depends on the timing of uncontrollable events, often leading to unpredictable results. Although it can lead to vulnerabilities, race conditions typically pertain to software applications rather than hypervisor environments, which are specifically designed to manage virtualization effectively.