Home
Dynamically executing code is security-sensitive
SecurityWarning 
Critical
Rule description
- Dynamically executing code is security-sensitive
Non-compliant Code Example
USE master;
declare @Id int;
EXEC ('USE AdventureWorks2012; SELECT BusinessEntityID, JobTitle FROM HumanResources.Employee WHERE Id = ''' + @Id + ''' ;'); --Non compliant code