The default case of "3 or 1=1" passed into a query param as type cf_sql_integer should throw an error, be caught, and therefore fail. Railo does not throw an error. Not sure if its a cfqueryparam issue,
The default case of "3 or 1=1" passed into a query param as type cf_sql_integer should throw an error, be caught, and therefore fail.
Railo does not throw an error.
Not sure if its a cfqueryparam issue,