Is Quickbase vulnerable to SQL injection or any other kind of code injection?

  • 0
  • 1
  • Question
  • Updated 3 years ago
  • Answered

Is Quickbase vulnerable to SQL injection or any other kind of malicious code injection? I can't find anything in the API documentation, but I would hope that protection is built into the API.

Context: Building a web form using the API, and trying to determine whether additional security screening is necessary before the data is submitted to Quickbase.

Photo of Levi

Levi

  • 0 Points

Posted 3 years ago

  • 0
  • 1
Photo of Eric

Eric

  • 40 Points
QuickBase is not vulnerable to a SQL injection attack as it's a proprietary database with multiple layers. 
Photo of Levi

Levi

  • 0 Points
Thanks for the response! Is it not vulnerable because it doesn't use SQL or any derivative thereof, or because the precautions have been taken?
Photo of Eric

Eric

  • 40 Points
Both. Precautions have been taken, and there's no DROP "TableName" command that would allow for injection.
Photo of Levi

Levi

  • 0 Points
Thanks!