Salesforce Certified Sharing and Visibility Architect — Question 47

What vulnerability can exist when controllers use dynamic rather than static queries and bind variables?

Answer options

• A. Buffer Overflow Attacks
• B. Record Access Override
• C. SOQL Injection
• D. Cross-site scripting

Correct answer: C

Explanation

The correct answer, SOQL Injection, is a vulnerability that occurs when dynamic queries are constructed using user input without proper sanitization, allowing attackers to manipulate the query. Buffer Overflow Attacks and Cross-site scripting are different types of vulnerabilities that do not specifically relate to query construction, while Record Access Override pertains to unauthorized access to records, not the manipulation of queries.