donhui / sonar-mybatis

MyBatis Plugin for SonarQube: Rules to check SQL statements in MyBatis Mapper XML files

Can this plugin scan for SQL injection vulnerabilities #40

Open xinyi0418 opened 10 months ago

xinyi0418 commented 10 months ago

For example, when scanning the mapper XML file, the SQL did not use # but instead used $

morganchenjp commented 5 days ago

@donhui can you pls help to clarify this question?
I just tried the same scenario, but the plugin can't scan it out.
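The pattern asked about in this thread, shown as an added example that is not part of the issue or the plugin's code: MyBatis binds `#{...}` as a prepared-statement parameter, while `${...}` is substituted into the SQL text as-is, so a check can flag every `${...}` inside a mapper statement for review. The mapper content, the namespace and the function name `find_raw_substitutions` are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample mapper, not taken from the issue or the plugin's tests.
SAMPLE_MAPPER = """<mapper namespace="example.UserMapper">
  <sql id="cols">id, name</sql>
  <select id="findById" resultType="map">
    SELECT <include refid="cols"/> FROM users WHERE id = #{id}
  </select>
  <select id="findByName" resultType="map">
    SELECT * FROM users
    <where>
      <if test="name != null">name = '${name}'</if>
    </where>
    ORDER BY ${sortColumn}
  </select>
  <update id="rename">
    UPDATE users SET name = #{name} WHERE id = #{id}
  </update>
</mapper>
"""

# Top-level mapper elements that carry SQL text.
STATEMENT_TAGS = {"select", "insert", "update", "delete", "sql"}
# ${expr}: text substitution. #{expr} (bound parameter) is deliberately not matched.
SUBSTITUTION = re.compile(r"\$\{\s*([^}]+?)\s*\}")


def find_raw_substitutions(mapper_xml):
    """Return (statement id, expression) for every ${...} in a mapper's SQL text."""
    root = ET.fromstring(mapper_xml)
    findings = []
    for stmt in root:
        if stmt.tag not in STATEMENT_TAGS:
            continue
        # itertext() also walks nested dynamic tags (<if>, <where>, <foreach>, ...).
        # Attribute values such as test="..." are not SQL text and are skipped.
        for text in stmt.itertext():
            for match in SUBSTITUTION.finditer(text):
                findings.append((stmt.get("id"), match.group(1)))
    return findings


if __name__ == "__main__":
    for stmt_id, expr in find_raw_substitutions(SAMPLE_MAPPER):
        print(f"{stmt_id}: ${{{expr}}} is substituted into the SQL text unescaped")
```

Each finding still needs a manual look: `${...}` is sometimes used on purpose for identifiers such as column or table names, and in that case the value should come from a fixed allow-list rather than from request input.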