
CodeQL not finding SQL Server injection attack

Open mbowlin-insight opened this issue 4 months ago • 0 comments

I created a sample SQL Server injection attack, and CodeQL is not recognizing the vulnerability. If I do the same thing for a PostgreSQL database, it recognizes the vulnerability.

No Error found:

Image

Error found:

Image

Any ideas on why this would be the case?

mbowlin-insight, Jun 23 '25 20:06