
What is SOQL INJECTION

SOQL INJECTION

One of the most important features of an application is the ability to store and retrieve data from the underlying database layer. This interaction with the database happens through SQL in a traditional web application and through SOQL in a Salesforce application. SOQL in Salesforce is a prime target for an attacker trying to gain access to the org’s data.

A SOQL injection attack occurs when a developer incorrectly trusts user input, leading to exposure of information. Because Salesforce development involves database interactions, the risk of SOQL injection is obvious.

Let’s go through an example demonstrating how a SOQL attack can happen.

