CodeAnt AI home pagelight logodark logo
  • Support
  • Dashboard
  • Dashboard
  • Join Community
Start Here
  • What is CodeAnt?
Setup
  • Github
  • Bitbucket
  • Gitlab
  • Azure Devops
Pull Request Review
  • Features
  • Customize Review
  • Quality Gates
  • Integrations
Code Security
  • Features
Engineering Productivity
  • DORA Metrics
  • Dev Productivity
Code Quality
  • Features
Integrations
  • Jira
  • Test Coverage
  • CI/CD
IDE
  • Setup
  • Review
  • Enhancements
Cloud Security
  • AWS
  • GCP
  • Azure
Rule Reference
  • Compliance
  • Anti-Patterns
  • Code Governance
  • Infrastructure Security Database
  • Application Security Database
    • Apex
      • Lang
        • Best-practice
        • Performance
        • Security
          • Ncino
            • Dml
            • Encryption
            • Endpoints
            • Injection
            • Sharing
            • System
    • Bash
    • C
    • Clojure
    • Cpp
    • Csharp
    • Dockerfile
    • Elixir
    • Fingerprints
    • Generic
    • Go
    • Html
    • Java
    • Javascript
    • Json
    • Kotlin
    • Ocaml
    • Php
    • Problem-based-packs
    • Python
    • Ruby
    • Rust
    • Scala
    • Solidity
    • Swift
    • Terraform
    • Typescript
    • Yaml
Resources
  • Open Source
  • Blogs
Ncino

Dml

apex-csrf-constructor

Having DML operations in Apex class constructor or initializers can have unexpected side effects: By just accessing a page, the DML statements would be executed and the database would be modified. Just querying the database is permitted.
Likelihood: MEDIUM
Confidence: HIGH
CWE:
- CWE-352: Cross-Site Request Forgery (CSRF)
OWASP:
- A01:2021 - Broken Access Control

apex-csrf-static-constructor

Having DML operations in Apex class constructor or initializers can have unexpected side effects: By just accessing a page, the DML statements would be executed and the database would be modified. Just querying the database is permitted.
Likelihood: MEDIUM
Confidence: HIGH
CWE:
- CWE-352: Cross-Site Request Forgery (CSRF)
OWASP:
- A01:2021 - Broken Access Control

dml-native-statements

Native Salesforce DML operations execute in system context, ignoring the current user’s permissions, field-level security, organization-wide defaults, position in the role hierarchy, and sharing rules. Be mindful when using native Salesforce DML operations.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-863: Incorrect Authorization
OWASP:
- A01:2021 - Broken Access Control
- A04:2021 - Insecure Design
OperationsInLoopsEncryption
twitterlinkedin
Powered by Mintlify
Assistant
Responses are generated using AI and may contain mistakes.