Rationale

SOQL/SOSL injection is a serious security vulnerability that results from insecure construction of database queries with user-supplied data. When queries are built unsafely from user-input, instead of using type-safe bind parameters, malicious input may be able to change the structure of the query to bypass or change application logic.

Scope

  • Visualforce components
  • Visualforce pages
  • Apex controllers
Did this answer your question?