...
This rule appears in the Java Secure Coding Standard as IDS07-J. Prevent against SQL Injection.
References
Wiki Markup |
---|
\[[MITRE 07|AA. C References#MITRE 07]\] [CWE ID 88|http://cwe.mitre.org/data/definitions/88.html], "Argument Injection or Modification," and [CWE ID 78|http://cwe.mitre.org/data/definitions/78.html], "Failure to Sanitize Data into an OS Command (aka 'OS Command Injection')" \[[ISO/IEC 9899:1999|AA. C References#ISO/IEC 9899-1999]\] Section 7.20.4.6, "The system function" \[[Viega 03|AA. C References#Viega 03]\] |
...