SQL Injection
Description
User-controlled input reaches SQL statements issued by the target application without being parameterized or validated, so an attacker can execute arbitrary SQL commands against the application server's backend database. SQL Injection is a critical vulnerability that can lead to a data or system compromise.
Remediation
Always use parameterized queries when issuing requests to backend database systems. In situations where dynamic queries must be created, never use direct user input, but instead use a map or dictionary of valid values and resolve them using a user-supplied key.
For example, some database drivers do not allow parameterized queries for the `>` or `<` comparison operators. In these cases, do not use a user-supplied `>` or `<` value; instead have the user supply a `gt` or `lt` value. The alphabetical values are then used to look up the `>` and `<` values to be used in the construction of the dynamic query. The same goes for other queries where column or table names are required but can not be parameterized.
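The following added example (not code from GitLab or from the DAST check) shows the remediation above in Python with the standard-library `sqlite3` driver against a constructed in-memory table: a concatenated query that an injection payload turns into a `WHERE` clause matching every row, the same lookup with a bound parameter, and a dynamic query whose comparison operator and sort column come from fixed maps keyed by user-supplied names. The table, column and function names are assumptions chosen for the example.

```python
import sqlite3

# Constructed sample data for the example; not from the original page.
SAMPLE_ROWS = [("widget", 5.0), ("gadget", 25.0), ("gizmo", 100.0)]


def make_db():
    """Create an in-memory SQLite database with a small products table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT, price REAL)")
    # Seed data is itself inserted with bound parameters.
    conn.executemany("INSERT INTO products (name, price) VALUES (?, ?)", SAMPLE_ROWS)
    return conn


def vulnerable_search(conn, name):
    """Vulnerable: the user value is concatenated into the SQL text.

    A value such as  x' OR '1'='1  closes the string literal and appends
    a condition that is always true, so every row is returned.
    """
    sql = "SELECT name FROM products WHERE name = '" + name + "'"
    return [row[0] for row in conn.execute(sql)]


def safe_search(conn, name):
    """Remediated: the value is bound with a placeholder, never parsed as SQL."""
    sql = "SELECT name FROM products WHERE name = ?"
    return [row[0] for row in conn.execute(sql, (name,))]


# Allow-lists for the parts of a query that drivers cannot parameterize.
# The user supplies the key (for example "gt"); only the mapped value
# ever reaches the SQL text.
OPERATORS = {"gt": ">", "lt": "<", "ge": ">=", "le": "<="}
SORT_COLUMNS = {"name": "name", "price": "price"}


def filtered_search(conn, op_key, threshold, sort_key):
    """Dynamic query built only from allow-listed fragments plus a bound value.

    Raises ValueError for any operator or column name not in the maps, so
    unexpected input is rejected rather than interpolated.
    """
    try:
        op = OPERATORS[op_key]
        col = SORT_COLUMNS[sort_key]
    except KeyError:
        raise ValueError("unsupported operator or sort column")
    # The operator and column are trusted constants from the maps above;
    # the numeric threshold is still passed as a bound parameter.
    sql = f"SELECT name FROM products WHERE price {op} ? ORDER BY {col}"
    return [row[0] for row in conn.execute(sql, (threshold,))]


if __name__ == "__main__":
    db = make_db()
    payload = "x' OR '1'='1"
    print("vulnerable:", vulnerable_search(db, payload))
    print("parameterized:", safe_search(db, payload))
    print("allow-listed:", filtered_search(db, "gt", 10, "name"))
```

With the injection payload the concatenated query returns all three product names, while the parameterized query returns nothing because no product is literally named `x' OR '1'='1`. The allow-listed builder accepts `gt` and `name` but rejects a key such as `gt; DROP TABLE products` before any SQL is assembled.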
Details
ID | Aggregated | CWE | Type | Risk |
---|---|---|---|---|
89.1 | false | 89 | Active | high |