This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 88%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hi
In SharePoint 2013 Public site how to test SQL Injection attacks ?
In SharePoint 2013 web application i deployed some custom web parts,displaying data from custom lists to pages etc.
Is CAMAL Queries written in side farm solutions does make any problem, for example there are contact pages and users input data and data save in in custom lists.
Given you're using out of the box solutions (i.e. no custom input and data storage solution outside of the Microsoft framework), you'll be fine as SharePoint's code handles injection attacks and follows best practices.
Hi adilahmed ,
If you use SharePoint safe API, it is no SQL injection vulnerabilities as this will avoid a direct connection to DB. CAML Queries will interact with SQL Database as an interpreter that will not be directly queried to the SQL server, and it will be validated by SharePoint.
Best Regards,
Baker Kong
Hi @adil ,
Regarding this issue, do you have further questions? If the above info is helpful to this issue, could you please accept it as Answer?
Thanks
Baker Kong
Hi @adil ,
Regarding this issue, we have not heard from you for a long time. If this question is identified as resolved, it would be appreciated if you can mark it as an answer so that others who stuck in similar issues could get answered quickly. And if you want to receive the related email notification for this thread, please follow the steps in our documentation to enable e-mail notifications
Thanks
Baker Kong