Executing of external code on the server (ExecuteExternalCode)

Type	Scope	Severity	Activated by default	Minutes to fix	Tags
`Vulnerability`	`BSL`	`Critical`	`Yes`	`1`	`error` `standard`

Description

When you develop applications, note that not only execution of a code written in the Enterprise mode is unsafe, but also places, where the Execute or Eval methods are used to execute the code created based on parameters passed to server functions and procedures.

This restriction is not applicable to the code being executed on the client

Examples

Sources

Restrictions on the use of Execute and Eval on the server (RU)

Snippets

Diagnostic ignorance in code

// BSLLS:ExecuteExternalCode-off
// BSLLS:ExecuteExternalCode-on

Parameter for config

"ExecuteExternalCode": false

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ExecuteExternalCode.md

ExecuteExternalCode.md

Executing of external code on the server (ExecuteExternalCode)

Description

Examples

Sources

Snippets

Diagnostic ignorance in code

Parameter for config

Files

ExecuteExternalCode.md

Latest commit

History

ExecuteExternalCode.md

File metadata and controls

Executing of external code on the server (ExecuteExternalCode)

Description

Examples

Sources

Snippets

Diagnostic ignorance in code

Parameter for config