Home

OS commands should not be vulnerable to injection attacks

Rule description

  • OS commands should not be vulnerable to injection attacks

 

Non-compliant Code Example

global function string callRun (string name)
Run(name)
Return name
end function

Compliant Code Example

global function string callRun (string name)
Run("MYBATCH.BAT TEST")
Return name
end function
Visual Expert 2020
 VEPBRULE11