Which of the following is the weakest mitigation strategy against SQL injection, despite being commonly recommended?

Using prepared statements / parameterized queries.

Using ORM methods that bind parameters.

Applying a strict allowlist (whitelist) for expected input values.

Escaping input based on the DB engine’s escaping rules.
