F105. Apache Lucene query injection

Description

The system generates Apache Lucene queries dynamically, without validating untrusted inputs and without using parameterized statements or stored procedures.

Rules

  1. R169. Use parameterized queries

  2. R173. Discard unsafe inputs

OWASP logo

Corporate member of The OWASP Foundation

Clutch Review

Copyright © 2021 Fluid Attacks, We hack your software. All rights reserved.

Service status - Terms of Use - Privacy Policy - Cookie Policy