Hi,
Recently a customer has engaged 3rd vendor to conduct penetration test and there is an issue raise regarding "application allows input of anomaly syntax to various functions of the web application. eg. % ^ * & ( ) ".
I'm pretty sure CRM SDK already handles such syntax such that to prevent any attack such as SQL Injection. However, is there any MSDN Article or white paper (official documents from MS) to state such prevention are built in the SDK framework?
Thanks!