EVAL statements tainted with user input and can pose a security issues (WMB)
EVAL statements can present a security issue. EVAL statements can also have performance issues as per IBM Best Practices.
|
DECLARE TempSQL CHARACTER; SET TempSQL = ‘DELETE * FROM ‘; SET OutputRoot.XMLNS.Data.Result[] = EVAL(TempSQL || InputRoot.XMLNSC.Details.Stuff.TargetTable); |
December 2023 We will be presenting our new tool for helping with spoofing risks and brand protection BeterCodingToolsChecker.com at Cybersec Asia 2024 March 2022 We are currently working on a beta version of a Sonarqube plugin that … Read More >>
Download trial version Trial versions are available here We have trial versions of the MB-Precise plugin is available for download here (5.1+), the release (6.0.x) and here for the latest … Download Now >>
