# TypeORM SQL Injection in Raw Query

- ID: typeorm-sql-injection-raw-query
- Severity: CRITICAL
- CWE: SQL Injection (CWE-89)
- Languages: JavaScript, TypeScript
- Frameworks: typeorm

## Description

Raw SQL queries built with string concatenation or template literals bypass TypeORM's parameterization: untrusted input becomes part of the SQL text itself, enabling SQL injection.

## Detection Message

Raw SQL query method uses untrusted input without parameterization. Use parameterized queries with ? or $1 placeholders.

## Remediation

Use parameterized queries with placeholder syntax, passing untrusted values in the separate parameter array rather than in the SQL string:

```typescript
// userId is bound as a parameter; the SQL text stays constant
const users = await manager.query(
  'SELECT * FROM users WHERE id = ?',
  [userId]
);
```

Learn more: https://shoulder.dev/learn/typescript/cwe-89/sql-injection-raw-query

## Related Rules

- **SQL Injection via Database Queries** [CRITICAL]
- **Prisma Raw Query SQL Injection** [CRITICAL]
- **GraphQL Injection / Unsafe Query Construction** [HIGH]
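As an added example (not TypeORM's code and not from the rule's documentation), the following tagged template generalizes the remediation above: values interpolated into a template literal are captured as bound parameters and replaced with `?` or `$n` placeholders, so the SQL text handed to a TypeORM-style `manager.query(sql, parameters)` never contains untrusted input. The `RawQueryRunner` interface and `recordingRunner` are assumptions standing in for TypeORM's EntityManager so the block runs offline.

```typescript
// Added example: a tagged template that turns sql`... ${value} ...` into a
// parameterized statement, so a template-literal raw query cannot inline
// untrusted input (not TypeORM's own code).

type PlaceholderStyle = "question" | "dollar"; // `?` (MySQL/SQLite) or `$1` (Postgres)

interface ParameterizedQuery {
  text: string;      // SQL with placeholders only; never contains user data
  values: unknown[]; // bound values, sent to the driver separately from the SQL
}

// Assumed minimal shape of TypeORM's EntityManager.query(sql, parameters).
interface RawQueryRunner {
  query(sql: string, parameters?: unknown[]): Promise<unknown>;
}

function makeSqlTag(style: PlaceholderStyle) {
  return (strings: TemplateStringsArray, ...interpolated: unknown[]): ParameterizedQuery => {
    const values: unknown[] = [];
    let text = strings[0];
    interpolated.forEach((value, i) => {
      // The interpolated value becomes a parameter, not part of the SQL text.
      values.push(value);
      text += (style === "dollar" ? `$${i + 1}` : "?") + strings[i + 1];
    });
    return { text, values };
  };
}

const sql = makeSqlTag("question"); // sql`...`   -> "?" placeholders
const pgSql = makeSqlTag("dollar");  // pgSql`...` -> "$1", "$2", ... placeholders

// Hands the fixed SQL text and the value array to any TypeORM-like runner.
function runTagged(runner: RawQueryRunner, q: ParameterizedQuery): Promise<unknown> {
  return runner.query(q.text, q.values);
}

// Constructed in-memory runner: records exactly what would reach the driver.
function recordingRunner(): RawQueryRunner & { calls: ParameterizedQuery[] } {
  const calls: ParameterizedQuery[] = [];
  return {
    calls,
    async query(text: string, values: unknown[] = []) {
      calls.push({ text, values });
      return [];
    },
  };
}
```

Because the tag runs before the driver sees anything, an input such as `1 OR 1=1` stays inside the `values` array and is treated as data, while the SQL text is identical for every request.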