This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SQL Injection

Go to solution
KElsner
Super Contributor

‎29-06-2016 04:13 PM

My security guys are asking for MEGA HOPEX protection against SQL injection before I get an internal GoLive approval. Is there anything done to in HOPEX V1R3 CP11 to be protected against SQL injection?

 

0 Likes
2 Replies

Go to solution
KElsner
Super Contributor

‎01-07-2016 02:55 PM

Hello Jerome,

 

many thanks for the quick response.

 

Best regards

Kai Elsner

 

0 Likes

Go to solution
jhorber
MEGA
MEGA

‎30-06-2016 03:42 PM

Hello KEsner

 

By design, SQL injections are not possible in HOPEX.


Indeed:

  • GUI do not enable to insert SQL statements.
  • APIs do not enable to run SQL statements

Update actions in the HOPEX repository are transformed though several business layers to SQL statement by a core C++ component. This component cannot be customized.

Jerome
0 Likes
MEGA International © 1994 - 2024. All rights reserved