Advanced – Security Testing
SQL Injection – ISTQB Definition
Last Updated: July 12, 2026 · SoftwareTestPilot QA Team
Official ISTQB Definition
A code injection technique that exploits vulnerabilities in the way an application constructs SQL queries.
In simple words
User input ends up as executable SQL and lets attackers read or change the database.
Exam tip
OWASP Top 10 for years — always fixed with parameterised queries.
Related terms
Practice this term in the ISTQB Mock Test
40 CTFL v4.0 questions, 60-minute timer, instant scoring and chapter-wise breakdown.
Practice in Mock Test