How to mitigate SQL injection?

Injection happens when untrusted data is sent to an interpreter as part of a
command or query. When the interpreter executes that command, the attacker can access data without proper authorization.

There are many types of injection, such as SQL, OS, LDAP, XPath, XML and HTML.

Mitigation: input validation, data sanitization, always use parameterized queries instead of dynamic queries, always set least privilege, and proper error handling (do not disclose sensitive information).
