Is it possible to have any kind of code-injection for inputs that are not stored into the database?
I have a web application with multiple inputs, but all the inputs are used to filter the "search". So, should I worry about code-injection? If yes, is there any practical example of injection without the input being stored into the database?
Aucun commentaire:
Enregistrer un commentaire