Clayton

SOQL/SOSL injection is a serious security vulnerability that results from insecure construction of database queries with user-supplied data. When queries are built unsafely from user-input, instead of using type-safe bind parameters, malicious input may be able to change the structure of the query to bypass or change application logic.

- Visualforce components
- Visualforce pages
- Apex controllers

Ensure user-supplied input is sanitized before using it in dynamic SOQL or SOSL queries.

SOQL/SOSL Injection

Home

Find answers and get help from Intercom Support and Community Experts

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

No tickets created by you

Try using different keywords or checking for typos.

No tickets found containing "{value}"

No tickets found

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you

SOQL/SOSL Injection

Rationale

Scope