*4.4.6 Injection and input vulnerabilities*

Injections and input vulnerabilities enable maliciously crafted code to change the underlying intended behavior of a system or application. The OWASP Testing Guide [31] currently lists eighteen common best practice tests, including SQL/ NoSQL injection, Cross Site Scripting (XSS), and HTTP injection attacks, among others.
