Is code injection possible in Java?

Question

nowadays you can read much about code injection, exploits, buffer-, stack- and heap-overflows etc. leading to inject and run code. I wonder what of this stuff is relevant for Ja

Answer 1

You can't inject java, but all web applications are vulnerable to XSS if the input is not properly filtered. Also any application that interacts with a sql database can be vulnerable to SQL injection. To avoid this you will want to look into Parameterized Queries.