R172 – EVAL statements may pose security issues (WMB)

EVAL statements may pose security issues (WMB)

EVAL statements can present a security issue. EVAL statements can also have performance issues as per IBM Best Practices.

DECLARE TempSQL CHARACTER;
SET TempSQL = ‘DELETE * FROM Users’;
SET OutputRoot.XMLNS.Data.Result[] = EVAL(TempSQL);