CWE-564
SQL Injection: Hibernate
Using Hibernate to execute a dynamic SQL statement built with user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.
Official CWE-564 definition at MITREImpactr finds and proves weaknesses like CWE-564 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist