SQL Injection - Problem DML In Code

Problem: DML in Code
* Application code shouldn’t contain SQL Data Manipulation Language (DML)
* DML enables malicious input to be injected
* Eliminating DML should be part of your next security review