# Improper Neutralization of Special Elements in Data Query Logic (CWE-943) The product generates a query intended to access or manipulate data in a data store, but it does not neutralize or incorrectly neutralizes special elements that can modify the intended logic of the query. **Stack:** JavaScript - Prevalence: Alta Frequentemente explorada - Impact: Alto 3 regras de severidade alta - Prevention: Documentada 3 exemplos de correção **OWASP:** Injection (A03:2021-Injection) - #3 ## Description This covers injection attacks against NoSQL databases, ORM frameworks, and other data query mechanisms that differ from traditional SQL injection. ## Prevention Estratégias de prevenção para NoSQL Injection baseadas em 1 regras de detecção do Shoulder. ### JavaScript Validate input types and sanitize MongoDB operators ## Warning Signs - [HIGH] user input flowing into NoSQL database queries without validation ## Consequences - Ler dados da aplicação - Modificar dados da aplicação - Burlar mecanismo de proteção ## Mitigations - Use consultas parametrizadas para todos os armazenamentos de dados - Valide e sanitize a entrada antes de usar em consultas - Aplique o princípio do menor privilégio às contas de banco de dados ## Detection - Total rules: 3 - Languages: go, javascript, typescript, python ## Rules by Language ### Javascript (1 rules) - **NoSQL Injection via MongoDB Queries** [HIGH]: Detects user input flowing into NoSQL database queries without validation. - Remediation: Validate input types and use mongo-sanitize to remove operators from user input. ```javascript const sanitized = mongoSanitize(req.body.query); const user = await User.findOne(sanitized); ``` Learn more: https://shoulder.dev/learn/javascript/cwe-943/nosql-injection ### Typescript (1 rules) - **NoSQL Injection via MongoDB Queries** [HIGH]: Detects user input flowing into NoSQL database queries without validation. - Remediation: Validate input types and use mongo-sanitize to remove operators from user input. ```javascript const sanitized = mongoSanitize(req.body.query); const user = await User.findOne(sanitized); ``` Learn more: https://shoulder.dev/learn/javascript/cwe-943/nosql-injection