There is a risk of SQL injection.
QiAnXinCodeSafe opened this issue · comments
It is recommended to replace java.sql.Statement with java.sql.PreparedStatement.
It is recommended to replace java.sql.Statement with java.sql.PreparedStatement.
You are right, thank you for your suggestion.