Which type of attack is characterized by executing unauthorized scripts in the web browser of users?

The type of attack characterized by executing unauthorized scripts in the web browser of users is known as an XSS attack, or Cross-Site Scripting attack. In this type of attack, an attacker exploits a vulnerability in a web application to inject malicious scripts into content that is delivered to unsuspecting users. When these users interact with the affected web page, the scripts are executed within their browser environment, often without their knowledge.

XSS attacks can result in a variety of security issues, including session hijacking, redirection to malicious websites, and the compromising of sensitive information, as the scripts can operate with the same permissions as the user in the context of the web application. This is particularly dangerous because it requires no involvement from the target user other than browsing the affected website.

Other types of attacks mentioned in the question do not share this specific characteristic of browser-based unauthorized script execution. For example, DLL attacks involve manipulating dynamic-link libraries and typically target software integrity rather than web applications. An API attack focuses on exploiting vulnerabilities in Application Programming Interfaces, which is also separate from executing scripts in a user's browser. Meanwhile, the term SOU attack is not commonly associated with a defined type of cyber threat, making XSS the clear and correct choice in this context.