17. Web security: server-side attacks

Question 1

What is an injection attack?

Answer 1

Untrusted data sent to an interpreter as part of a command/query

Question 2

How do you defend against an injection attack?

Answer 2

Validate/sanitise user data