SQL Injection

Elastic Social does not rely on SQL for database access so all Elastic Social components are immune to SQL injection attacks.

The MongoDB NoSQL database used in Elastic Social transfers BSON encoded data. To communicate with the MongoDB server Elastic Social uses the MongoDB Java Driver which takes care of the necessary encoding of BSON messages which prevents injection of unintended data. For information about SQL injection attacks please refer to the MongoDB documentation and forums.