ASVS Requirement 1.2.4

• Level: 1
• Chapter: V1 Encoding and Sanitization
• Section: V1.2 Injection Prevention
• Source: 0x10-V1-Encoding-and-Sanitization.md

Description

Verify that data selection or database queries (e.g., SQL, HQL, NoSQL, Cypher) use parameterized queries, ORMs, entity frameworks, or are otherwise protected from SQL Injection and other database injection attacks. This is also relevant when writing stored procedures.