SQL query construction using format string

The software does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command.

More Information

G201: SQL query construction using format string