Rationale

SOQL/SOSL injection is a serious security vulnerability that results from insecure construction of database queries with user-supplied data. When queries are built unsafely from user-input, instead of using type-safe bind parameters, malicious input may be able to change the structure of the query to bypass or change application logic.

Scope

  • Visualforce components

  • Visualforce pages

  • Apex controllers

Did this answer your question?