Injection
← Back to OWASP Top 10
Untrusted data sent as part of a command or query, causing the interpreter to execute unintended commands. Includes SQL injection, NoSQL injection, OS command injection, and LDAP injection. Primary mitigation: parameterized queries and input validation.