A3:2021 | SQL Injection Mitigation (8) | Cycubix Docs

Input Validation Required?

Since my queries are no longer injectable do I still need to validate my input?

  • YES!

Prevents other types of attacks from being stored in the database

  • Stored XSS.

  • Information leakage.

  • Logic errors - business rule validation.

  • SQL injection.

Often the database is considered trusted

Last updated