{"id":17650,"date":"2021-11-02T12:23:50","date_gmt":"2021-11-02T06:53:50","guid":{"rendered":"https:\/\/www.varutra.com\/?p=17650"},"modified":"2022-12-02T11:42:44","modified_gmt":"2022-12-02T06:12:44","slug":"hibernate-query-language-hql-injection","status":"publish","type":"post","link":"https:\/\/www.varutra.com\/varutravrt3\/hibernate-query-language-hql-injection\/","title":{"rendered":"Hibernate Query Language (HQL) Injection"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" width=\"1920\" height=\"1080\" src=\"https:\/\/varutra-1a3b6.kxcdn.com\/wp-content\/uploads\/2021\/11\/Blogs-Banner-1024x535.png\"  class=\"sh-overlay-item sh-table-cell ls-is-cached lazyloaded\" data-rel=\"lightcase\" title=\"Hibernate Query Language HQL Injection - Varutra Consulting\"><br \/>\nHQL is the abbreviation for\u00a0<strong>Hibernate Query Language<\/strong>. Hibernate is an ORM (Object-Relational Mapping) framework: it maps the class definitions in the source code to the corresponding SQL tables. HQL is an object-oriented query language that is similar to SQL. However, it works with persistent objects and their properties instead of operating directly on tables and columns. 
Hibernate translates HQL queries into conventional SQL queries that act on the database.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-17655 aligncenter\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2021\/11\/Hibernate-query-language-HQL.png\" alt=\"Hibernate query language (HQL)\" width=\"475\" height=\"206\" srcset=\"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2021\/11\/Hibernate-query-language-HQL.png 475w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2021\/11\/Hibernate-query-language-HQL-300x130.png 300w\" sizes=\"(max-width: 475px) 100vw, 475px\" \/><\/p>\n<p style=\"text-align: center\"><strong>Figure 1: Hibernate query language<\/strong><\/p>\n<h3><strong>ORM (Object Relational Mapping)<\/strong><\/h3>\n<p>Object-Relational Mapping (ORM) is a well-known programming technique for converting data between object-oriented programming languages (e.g., C#, Java) and relational databases. An RDBMS represents data in tabular form, whereas object-oriented programming represents data as a connected graph of objects.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-17658 aligncenter\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2021\/11\/Object-relational-mapping.png\" alt=\"Object-relational mapping\" width=\"606\" height=\"231\" srcset=\"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2021\/11\/Object-relational-mapping.png 606w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2021\/11\/Object-relational-mapping-300x114.png 300w\" sizes=\"(max-width: 606px) 100vw, 606px\" \/><\/p>\n<p style=\"text-align: center\"><strong>Figure 2: Object-relational mapping<\/strong><\/p>\n<p>SQL database management systems (DBMS) are not object-oriented: they can only store and manipulate scalar values such as integers and strings, organized within tables. 
Therefore, object values must be converted into groups of simpler scalar values for storage in the database (and converted back on retrieval), or the program must restrict itself to simple scalar values.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-17657 aligncenter\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2021\/11\/Object-relational-mapping-2.png\" alt=\"Object-relational mapping\" width=\"606\" height=\"291\" srcset=\"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2021\/11\/Object-relational-mapping-2.png 606w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2021\/11\/Object-relational-mapping-2-300x144.png 300w\" sizes=\"(max-width: 606px) 100vw, 606px\" \/><\/p>\n<p style=\"text-align: center\"><strong>Figure 3: Object-relational mapping<\/strong><\/p>\n<h3><strong>Hibernate<\/strong><\/h3>\n<p>Hibernate is an Object-Relational Mapping solution for Java. It maps Java classes to database tables and Java data types to SQL data types, and provides query and retrieval facilities.<\/p>\n<p>A query we write does not go directly to the database. It first goes to the Hibernate engine, which parses and interprets it and then translates it into SQL. Consequently, any error message seen during testing can come from either the Hibernate engine or the database.<\/p>\n<h3><strong>SQL Injection versus ORM \/ Hibernate Query Language injection<\/strong><\/h3>\n<p>HQL injection is more restricted than SQL injection: for example, there is no UNION, no function for creating an easy time delay, no system functions, and no metadata tables available.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-17654 aligncenter\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2021\/11\/SQL-vs.-HQL.png\" alt=\"SQL vs. 
HQL\" width=\"627\" height=\"456\" srcset=\"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2021\/11\/SQL-vs.-HQL.png 627w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2021\/11\/SQL-vs.-HQL-300x218.png 300w\" sizes=\"(max-width: 627px) 100vw, 627px\" \/><\/p>\n<p style=\"text-align: center\"><strong>Figure 4: SQL vs. HQL<\/strong><\/p>\n<h3><strong>Approach and Methodology For Hibernate Query Language injection<\/strong><\/h3>\n<p>HQL injection is a form of SQL injection carried out against an ORM-generated data access object model. It is essentially the same attack as a <a href=\"https:\/\/www.varutra.com\/second-order-sql-injection-attack\/\">SQL Injection<\/a>, but the injection vulnerability exists in code generated by the ORM layer.<\/p>\n<p>An injection present in HQL syntax cannot be exploited as a standard SQL injection, because HQL has its own, more restricted syntax (for example, there is no way to query unmapped tables). If the application returns an \u201corg.hibernate.QueryException\u201d after special characters are inserted into a parameter, it is likely that an HQL injection is present.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-17656 aligncenter\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2021\/11\/HQL-error.png\" alt=\"HQL error\" width=\"608\" height=\"222\" srcset=\"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2021\/11\/HQL-error.png 608w, https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2021\/11\/HQL-error-300x110.png 300w\" sizes=\"(max-width: 608px) 100vw, 608px\" \/><\/p>\n<p style=\"text-align: center\"><strong>Figure 5: HQL error<\/strong><\/p>\n<p>To proceed further, the tester needs to break the query syntax and form payloads accordingly. Different RDBMSs use different escaping techniques. 
For example, MySQL escapes the quote character with a backslash (\\'). Note that HQL does not support UNION queries. Also, in the examples below the injected input always sits between the percent signs of a LIKE pattern.<\/p>\n<h3><strong>Examples<\/strong><\/h3>\n<p><strong>HQL List Columns<\/strong><\/p>\n<p>from Student<\/p>\n<p>where name like '%'<\/p>\n<p>and DOESNT_EXIST=1 and ''='%' --<\/p>\n<p>and register= true<\/p>\n<p><strong>HQL Error Based<\/strong><\/p>\n<p>from Student<\/p>\n<p>where firstName like '%11'<\/p>\n<p>and (select password from User where username='admin')=1<\/p>\n<p>or ''='%'<\/p>\n<p>and register = true<\/p>\n<h3><strong>Conclusion<\/strong><\/h3>\n<p>This post shows that Hibernate does not add a security layer of its own. As a result, attackers can still break out of the HQL language to compromise data, because the old injection tricks remain fully functional against HQL. The mitigation is the same as for plain SQL: bind user input through named or positional query parameters rather than concatenating it into the HQL string.<\/p>\n<h3><strong>References<\/strong><\/h3>\n<p><a href=\"https:\/\/en.wikipedia.org\/wiki\/Object%E2%80%93relational_mapping\">https:\/\/en.wikipedia.org\/wiki\/Object%E2%80%93relational_mapping<\/a><\/p>\n<p><a href=\"https:\/\/conference.hitb.org\/hitbsecconf2016ams\/materials\/D2T2%20-%20Mikhail%20Egorov%20and%20Sergey%20Soldatov%20-%20New%20Methods%20for%20Exploiting%20ORM%20Injections%20in%20Java%20Applications.pdf\">https:\/\/conference.hitb.org\/hitbsecconf2016ams\/materials\/D2T2%20-%20Mikhail%20Egorov%20and%20Sergey%20Soldatov%20-%20New%20Methods%20for%20Exploiting%20ORM%20Injections%20in%20Java%20Applications.pdf<\/a><\/p>\n<p><a href=\"https:\/\/github.com\/swisskyrepo\/PayloadsAllTheThings\/blob\/master\/SQL%20Injection\/HQL%20Injection.md\">https:\/\/github.com\/swisskyrepo\/PayloadsAllTheThings\/blob\/master\/SQL%20Injection\/HQL%20Injection.md<\/a><\/p>\n<p><a href=\"https:\/\/www.fullstackpython.com\/object-relational-mappers-orms.html\">https:\/\/www.fullstackpython.com\/object-relational-mappers-orms.html<\/a><\/p>\n<p><a 
href=\"https:\/\/www.tutorialspoint.com\/hibernate\/hibernate_query_language.htm\">https:\/\/www.tutorialspoint.com\/hibernate\/hibernate_query_language.htm<\/a><\/p>\n<p><a href=\"http:\/\/interviewquestionjava.blogspot.com\/2014\/01\/framework-orm-object-relational-mapping.html\">http:\/\/interviewquestionjava.blogspot.com\/2014\/01\/framework-orm-object-relational-mapping.html<\/a><\/p>\n<p><a href=\"https:\/\/blog.h3xstream.com\/2014\/02\/hql-for-pentesters.html\">https:\/\/blog.h3xstream.com\/2014\/02\/hql-for-pentesters.html<\/a><\/p>\n<p>Author,<\/p>\n<p><strong>Prashasti Rikhari<\/strong><\/p>\n<p>Attack &amp; PenTest Team<\/p>\n<p>Varutra Consulting Pvt. Ltd<\/p>","protected":false},"excerpt":{"rendered":"<p>HQL is the abbreviation for\u00a0Hibernate Query Language. Hibernate can be classified as ORM or Object-Relational Mapping. It maps class definitions with similar SQL tables that&#8230;<\/p>\n","protected":false},"author":4,"featured_media":17660,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"inline_featured_image":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[272],"tags":[546,548,547,424],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO Pro 4.6.3 - aioseo.com -->\n\t\t<meta name=\"description\" content=\"Hibernate Query Language is an object-oriented query language that is similar to SQL. 
Hibernate translates HQL queries into SQL queries that act on database.\" \/>\n\t\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t\t<link rel=\"canonical\" href=\"https:\/\/www.varutra.com\/varutravrt3\/hibernate-query-language-hql-injection\/\" \/>\n\t\t<meta name=\"generator\" content=\"All in One SEO Pro (AIOSEO) 4.6.3\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Varutra Consulting\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"Hibernate Query Language (HQL) Injection Attack by ORM\" \/>\n\t\t<meta property=\"og:description\" content=\"Hibernate Query Language is an object-oriented query language that is similar to SQL. Hibernate translates HQL queries into SQL queries that act on database.\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/www.varutra.com\/varutravrt3\/hibernate-query-language-hql-injection\/\" \/>\n\t\t<meta property=\"article:tag\" content=\"hibernate query language\" \/>\n\t\t<meta property=\"article:tag\" content=\"hql\" \/>\n\t\t<meta property=\"article:tag\" content=\"hql injection\" \/>\n\t\t<meta property=\"article:tag\" content=\"sql injection\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2021-11-02T06:53:50+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2022-12-02T06:12:44+00:00\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"Hibernate Query Language (HQL) Injection Attack by ORM\" \/>\n\t\t<meta name=\"twitter:description\" content=\"Hibernate Query Language is an object-oriented query language that is similar to SQL. Hibernate translates HQL queries into SQL queries that act on database.\" \/>\n\t\t<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t\t<meta name=\"twitter:data1\" content=\"kalpblogger\" \/>\n\t\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/hibernate-query-language-hql-injection\\\/#article\",\"name\":\"Hibernate Query Language (HQL) Injection Attack by ORM\",\"headline\":\"Hibernate Query Language (HQL) Injection\",\"author\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/author\\\/kalpblogger\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/wp-content\\\/uploads\\\/2021\\\/11\\\/Blogs-Banner.png\",\"width\":1200,\"height\":627,\"caption\":\"Hibernate Query Language (HQL) Injection\"},\"datePublished\":\"2021-11-02T12:23:50+05:30\",\"dateModified\":\"2022-12-02T11:42:44+05:30\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/hibernate-query-language-hql-injection\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/hibernate-query-language-hql-injection\\\/#webpage\"},\"articleSection\":\"Web Application Security, Hibernate Query Language, HQL, HQL Injection, sql 
injection\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/hibernate-query-language-hql-injection\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/\",\"nextItem\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/hibernate-query-language-hql-injection\\\/#listItem\"},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/hibernate-query-language-hql-injection\\\/#listItem\",\"position\":2,\"name\":\"Hibernate Query Language (HQL) Injection\",\"previousItem\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#listItem\"}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#organization\",\"name\":\"Varutra\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/wp-content\\\/uploads\\\/2021\\\/11\\\/Varutra-Found-e1612984024606.jpg\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/hibernate-query-language-hql-injection\\\/#organizationLogo\"},\"image\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/hibernate-query-language-hql-injection\\\/#organizationLogo\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/author\\\/kalpblogger\\\/#author\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/author\\\/kalpblogger\\\/\",\"name\":\"kalpblogger\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/hibernate-query-language-hql-injection\\\/#authorImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/5e96a9b330da7c941c1e39217a2fbe38?s=96&d=mm&r=g\",\"width\":96,\"height\":96,\"caption\":\"kalpblogger\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/hibernate-q
uery-language-hql-injection\\\/#webpage\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/hibernate-query-language-hql-injection\\\/\",\"name\":\"Hibernate Query Language (HQL) Injection Attack by ORM\",\"description\":\"Hibernate Query Language is an object-oriented query language that is similar to SQL. Hibernate translates HQL queries into SQL queries that act on database.\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/hibernate-query-language-hql-injection\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/author\\\/kalpblogger\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/author\\\/kalpblogger\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/wp-content\\\/uploads\\\/2021\\\/11\\\/Blogs-Banner.png\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/hibernate-query-language-hql-injection\\\/#mainImage\",\"width\":1200,\"height\":627,\"caption\":\"Hibernate Query Language (HQL) Injection\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/hibernate-query-language-hql-injection\\\/#mainImage\"},\"datePublished\":\"2021-11-02T12:23:50+05:30\",\"dateModified\":\"2022-12-02T11:42:44+05:30\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#website\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/\",\"name\":\"Varutra Consulting\",\"description\":\"Secure your digital world with our Cybersecurity services.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO Pro -->\r\n\t\t<title>Hibernate Query Language (HQL) Injection Attack by ORM<\/title>\n\n","aioseo_head_json":{"title":"Hibernate Query 
Language (HQL) Injection Attack by ORM","description":"Hibernate Query Language is an object-oriented query language that is similar to SQL. Hibernate translates HQL queries into SQL queries that act on database.","canonical_url":"https:\/\/www.varutra.com\/varutravrt3\/hibernate-query-language-hql-injection\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"og:locale":"en_US","og:site_name":"Varutra Consulting","og:type":"article","og:title":"Hibernate Query Language (HQL) Injection Attack by ORM","og:description":"Hibernate Query Language is an object-oriented query language that is similar to SQL. Hibernate translates HQL queries into SQL queries that act on database.","og:url":"https:\/\/www.varutra.com\/varutravrt3\/hibernate-query-language-hql-injection\/","article:tag":["hibernate query language","hql","hql injection","sql injection"],"article:published_time":"2021-11-02T06:53:50+00:00","article:modified_time":"2022-12-02T06:12:44+00:00","twitter:card":"summary_large_image","twitter:title":"Hibernate Query Language (HQL) Injection Attack by ORM","twitter:description":"Hibernate Query Language is an object-oriented query language that is similar to SQL. Hibernate translates HQL queries into SQL queries that act on database.","twitter:label1":"Written by","twitter:data1":"kalpblogger","twitter:label2":"Est. 
reading time","twitter:data2":"3 minutes","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.varutra.com\/varutravrt3\/hibernate-query-language-hql-injection\/#article","name":"Hibernate Query Language (HQL) Injection Attack by ORM","headline":"Hibernate Query Language (HQL) Injection","author":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/author\/kalpblogger\/#author"},"publisher":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2021\/11\/Blogs-Banner.png","width":1200,"height":627,"caption":"Hibernate Query Language (HQL) Injection"},"datePublished":"2021-11-02T12:23:50+05:30","dateModified":"2022-12-02T11:42:44+05:30","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/hibernate-query-language-hql-injection\/#webpage"},"isPartOf":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/hibernate-query-language-hql-injection\/#webpage"},"articleSection":"Web Application Security, Hibernate Query Language, HQL, HQL Injection, sql injection"},{"@type":"BreadcrumbList","@id":"https:\/\/www.varutra.com\/varutravrt3\/hibernate-query-language-hql-injection\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/www.varutra.com\/varutravrt3\/#listItem","position":1,"name":"Home","item":"https:\/\/www.varutra.com\/varutravrt3\/","nextItem":"https:\/\/www.varutra.com\/varutravrt3\/hibernate-query-language-hql-injection\/#listItem"},{"@type":"ListItem","@id":"https:\/\/www.varutra.com\/varutravrt3\/hibernate-query-language-hql-injection\/#listItem","position":2,"name":"Hibernate Query Language (HQL) 
Injection","previousItem":"https:\/\/www.varutra.com\/varutravrt3\/#listItem"}]},{"@type":"Organization","@id":"https:\/\/www.varutra.com\/varutravrt3\/#organization","name":"Varutra","url":"https:\/\/www.varutra.com\/varutravrt3\/","logo":{"@type":"ImageObject","url":"https:\/\/www.varutra.com\/wp-content\/uploads\/2021\/11\/Varutra-Found-e1612984024606.jpg","@id":"https:\/\/www.varutra.com\/varutravrt3\/hibernate-query-language-hql-injection\/#organizationLogo"},"image":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/hibernate-query-language-hql-injection\/#organizationLogo"}},{"@type":"Person","@id":"https:\/\/www.varutra.com\/varutravrt3\/author\/kalpblogger\/#author","url":"https:\/\/www.varutra.com\/varutravrt3\/author\/kalpblogger\/","name":"kalpblogger","image":{"@type":"ImageObject","@id":"https:\/\/www.varutra.com\/varutravrt3\/hibernate-query-language-hql-injection\/#authorImage","url":"https:\/\/secure.gravatar.com\/avatar\/5e96a9b330da7c941c1e39217a2fbe38?s=96&d=mm&r=g","width":96,"height":96,"caption":"kalpblogger"}},{"@type":"WebPage","@id":"https:\/\/www.varutra.com\/varutravrt3\/hibernate-query-language-hql-injection\/#webpage","url":"https:\/\/www.varutra.com\/varutravrt3\/hibernate-query-language-hql-injection\/","name":"Hibernate Query Language (HQL) Injection Attack by ORM","description":"Hibernate Query Language is an object-oriented query language that is similar to SQL. 
Hibernate translates HQL queries into SQL queries that act on database.","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/#website"},"breadcrumb":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/hibernate-query-language-hql-injection\/#breadcrumblist"},"author":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/author\/kalpblogger\/#author"},"creator":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/author\/kalpblogger\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2021\/11\/Blogs-Banner.png","@id":"https:\/\/www.varutra.com\/varutravrt3\/hibernate-query-language-hql-injection\/#mainImage","width":1200,"height":627,"caption":"Hibernate Query Language (HQL) Injection"},"primaryImageOfPage":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/hibernate-query-language-hql-injection\/#mainImage"},"datePublished":"2021-11-02T12:23:50+05:30","dateModified":"2022-12-02T11:42:44+05:30"},{"@type":"WebSite","@id":"https:\/\/www.varutra.com\/varutravrt3\/#website","url":"https:\/\/www.varutra.com\/varutravrt3\/","name":"Varutra Consulting","description":"Secure your digital world with our Cybersecurity services.","inLanguage":"en-US","publisher":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/#organization"}}]}},"aioseo_meta_data":{"post_id":"17650","title":"Hibernate Query Language (HQL) Injection Attack by ORM","description":"Hibernate Query Language is an object-oriented query language that is similar to SQL. 
Hibernate translates HQL queries into SQL queries that act on database.","keywords":[],"keyphrases":"{\"focus\":{\"keyphrase\":\"Hibernate\",\"score\":100,\"analysis\":{\"keyphraseInTitle\":{\"title\":\"Focus keyphrase in SEO title\",\"description\":\"Focus keyphrase found in SEO title.\",\"score\":9,\"maxScore\":9,\"error\":0},\"keyphraseInDescription\":{\"title\":\"Focus keyphrase in meta description\",\"description\":\"Focus keyphrase found in meta description.\",\"score\":9,\"maxScore\":9,\"error\":0},\"keyphraseLength\":{\"title\":\"Focus keyphrase length\",\"description\":\"Good job!\",\"score\":9,\"maxScore\":9,\"error\":0,\"length\":1},\"keyphraseInURL\":{\"title\":\"Focus keyphrase in URL\",\"description\":\"Focus keyphrase used in the URL.\",\"score\":5,\"maxScore\":5,\"error\":0},\"keyphraseInIntroduction\":{\"title\":\"Focus keyphrase in introduction\",\"description\":\"Your Focus keyphrase appears in the first paragraph. Well done!\",\"score\":9,\"maxScore\":9,\"error\":0},\"keyphraseInSubHeadings\":{\"title\":\"Focus keyphrase in Subheadings\",\"description\":\"Your H2 and H3 subheadings reflects the topic of your copy. Good job!\",\"score\":9,\"maxScore\":9,\"error\":0},\"keyphraseInImageAlt\":{\"title\":\"Focus keyphrase in image alt attributes\",\"description\":\"Focus keyphrase found in image alt attribute(s).\",\"score\":9,\"maxScore\":9,\"error\":0}}},\"additional\":[{\"keyphrase\":\"Hibernate Query Language\",\"score\":100,\"analysis\":{\"keyphraseInDescription\":{\"title\":\"Keyphrase in meta description\",\"description\":\"Keyphrase found in meta description.\",\"score\":9,\"maxScore\":9,\"error\":0},\"keyphraseLength\":{\"title\":\"Keyphrase length\",\"description\":\"Good job!\",\"score\":9,\"maxScore\":9,\"error\":0,\"length\":3},\"keyphraseInIntroduction\":{\"title\":\"Keyphrase in introduction\",\"description\":\"Your Keyphrase appears in the first paragraph. 
Well done!\",\"score\":9,\"maxScore\":9,\"error\":0},\"keyphraseInImageAlt\":{\"title\":\"Keyphrase in image alt attributes\",\"description\":\"Keyphrase found in image alt attribute(s).\",\"score\":9,\"maxScore\":9,\"error\":0}}}]}","primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":"","og_custom_url":null,"og_article_section":null,"og_article_tags":[],"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":"{\"article\":{\"articleType\":\"BlogPosting\"},\"course\":{\"name\":\"\",\"description\":\"\",\"provider\":\"\"},\"faq\":{\"pages\":[]},\"product\":{\"reviews\":[]},\"recipe\":{\"ingredients\":[],\"instructions\":[],\"keywords\":[]},\"software\":{\"reviews\":[],\"operatingSystems\":[]},\"webPage\":{\"webPageType\":\"WebPage\"}}","pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":"-1","robots_max_videopreview":"-1","robots_max_imagepreview":"large","priority":null,"frequency":"default","local_seo":null,"limit_modified_date":false,"open_ai":null,"created":"2021-11-02 04:06:27","updated":"2022-12-02 06:13:49"},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t<a 
href=\"https:\/\/www.varutra.com\/varutravrt3\" title=\"Home\">Home<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/www.varutra.com\/varutravrt3\/category\/web-application-security\/\" title=\"Web Application Security\">Web Application Security<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\tHibernate Query Language (HQL) Injection\n<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/www.varutra.com\/varutravrt3"},{"label":"Web Application Security","link":"https:\/\/www.varutra.com\/varutravrt3\/category\/web-application-security\/"},{"label":"Hibernate Query Language (HQL) Injection","link":"https:\/\/www.varutra.com\/varutravrt3\/hibernate-query-language-hql-injection\/"}],"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/posts\/17650"}],"collection":[{"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/comments?post=17650"}],"version-history":[{"count":5,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/posts\/17650\/revisions"}],"predecessor-version":[{"id":20233,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/posts\/17650\/revisions\/20233"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/media\/17660"}],"wp:attachment":[{"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/media?parent=17650"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/categories?post
=17650"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/tags?post=17650"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}