Doctrine queryBuilder: SQL Injection risk in addOrderBy() method? – Pretag November 23, 2021November 23, 2021 PCIS Support Team Security Short answer is that column names submitted by form could in fact be used for a sql injection attack. Doctrine assumes you have properly validated … Related:No Related Posts