F105. Apache Lucene query injection

Description

The system generates Apache Lucene queries dynamically, without validating untrusted inputs and without using parameterized statements or stored procedures.

Rules

  1. R169. Use parameterized queries

  2. R173. Discard unsafe inputs

Fluid Attacks logo Start with Fluid Attacks

Fluid Attacks logo Contact us

OWASP logo

We are a proud corporate member of the OWASP Foundation

Contact Us

Number is valid Number is not valid
Please select an option



Clutch Review

Copyright © 2020 Fluid Attacks, We hack your software. All rights reserved.

Service status - Terms of Use - Privacy Policy - Cookie Policy