# SQL Injection risk due to untrusted input

## Description

SQL Injection detected. User input is concatenated into the text of a SQL query instead of being passed as a bound parameter. This can allow attackers to manipulate queries, bypass authentication, or extract data.

## Examples

### Insecure Code

```java
// Vulnerable: userId is spliced into the SQL text, so quote characters in the
// value are interpreted as SQL syntax rather than as data.
String query = "SELECT * FROM users WHERE id = '" + userId + "'";
Statement stmt = conn.createStatement();
ResultSet rs = stmt.executeQuery(query);
```

### Secure Code

```java
// Parameterized: the driver sends userId as a bound value, never as query text.
PreparedStatement stmt = conn.prepareStatement("SELECT * FROM users WHERE id = ?");
stmt.setString(1, userId);
ResultSet rs = stmt.executeQuery();
```

## Remediation

Use `PreparedStatement` with `?` placeholders and bind each value with a setter such as `setString`, or build queries through `CriteriaBuilder` or ORM query APIs, which parameterize values for you.
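As an added example (not the rule's own code), a repository class that binds every user-controlled value through `PreparedStatement` and, going one step beyond the page's snippet, handles the case placeholders cannot cover: a user-chosen column name is checked against a fixed allowlist instead of being concatenated. The `users` table, its columns and the `UserRepository` class are assumed for illustration.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
// Added example (assumed schema: a "users" table with id, name, email, created_at).
public final class UserRepository {
    // Identifiers cannot be bound with "?", so a user-chosen sort column is
    // accepted only if it matches this fixed allowlist.
    private static final Set<String> SORTABLE = Set.of("id", "email", "created_at");
    private final Connection conn;

    public UserRepository(Connection conn) {
        this.conn = conn;
    }

    /** Returns the e-mail for userId, or null if no row matches. */
    public String findEmailById(String userId) throws SQLException {
        String sql = "SELECT email FROM users WHERE id = ?";
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.setString(1, userId); // sent as data; quotes in userId stay literal
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next() ? rs.getString("email") : null;
            }
        }
    }

    /** Lists e-mails whose name starts with prefix, ordered by an allowlisted column. */
    public List<String> searchByName(String prefix, String sortColumn) throws SQLException {
        if (!SORTABLE.contains(sortColumn)) {
            throw new IllegalArgumentException("unsupported sort column: " + sortColumn);
        }
        // Escape LIKE metacharacters so a "%" or "_" in prefix cannot widen the match.
        String escaped = prefix.replace("!", "!!").replace("%", "!%").replace("_", "!_");
        // sortColumn is interpolated only because it came from the allowlist above.
        String sql = "SELECT email FROM users WHERE name LIKE ? ESCAPE '!' ORDER BY " + sortColumn;
        List<String> out = new ArrayList<>();
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.setString(1, escaped + "%");
            try (ResultSet rs = ps.executeQuery()) {
                while (rs.next()) out.add(rs.getString("email"));
            }
        }
        return out;
    }
}
```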
## Rule Details

| Field | Value |
|---|---|
| ID | CODE-0666 |
| Category | Injection |
| Severity | HIGH |
| CWE | CWE-89 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | sql-injection |
| OWASP | A03:2021-Injection |