1. Security Guide
  2. Developement security overview
  3. Secure development for the Oracle InForm Adapter
  4. SQL injection

SQL injection

SQL injection issues occur when an SQL query is built using input from an untrusted source. This could allow an attacker to modify an SQL statement or to execute dangerous SQL commands.

The Oracle InForm Adapter interface web service uses bind variables and does not dynamically generate SQL, which makes SQL injection impossible.

Parent topic: Secure development for the Oracle InForm Adapter