Home/ Questions/Q 8010943
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-04T18:53:13+00:00

I know Hibernate uses prepared statements. But have a doubt when I use session.createSQLQuery()

  • 0

I know Hibernate uses prepared statements. But have a doubt when I use session.createSQLQuery().

Is my query safe from SQL injection in this case whether I append the values in the query or use setParameter()

Regards,

Satya

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    it is safe when using session.createSQLQuery().setParameter() because hibernate uses parameters then which are safe as JB Nizet and couling said

    • 0