Salesforce B2B Commerce for Developers Accredited Professional (AP-202) Exam - Topic 4 Question 94 Discussion

Actual exam question for Salesforce's B2B Commerce for Developers Accredited Professional (AP-202) exam
Question #: 94
Topic #: 4

Although Salesforce B2B Commerce and Salesforce recommend against using "without sharing classes" whenever possible, sometimes it is unavoidable. Which three items will open up a major security hole? (3 answers)

Suggested Answer: A, C, D

Executing dynamic SOQL inside a without sharing class with a bind variable from PageReference.getParameters(), PageReference.getCookies(), or the cc_RemoteActionContext class will open up a major security hole. These sources of input are not sanitized, and malicious users can manipulate them to inject SOQL queries that bypass the sharing rules and access data that they are not supposed to see. For example, a user can modify the URL parameters or cookies to include a SOQL query that returns sensitive data from the database. To prevent this, it is recommended to use static SOQL or to escape the bind variables before executing dynamic SOQL.
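The pattern described in the explanation, shown beside the two recommended fixes. This is an added example, not code from the exam or from the B2B Commerce package; the class name, the 'sku' page parameter and the queried Product2 fields are hypothetical.

```apex
// Added example. ProductLookupController and the 'sku' parameter are hypothetical.
public without sharing class ProductLookupController {

    // BEFORE: request input concatenated into dynamic SOQL.
    // The class runs without sharing, so whatever rows the altered
    // query matches are returned regardless of the caller's record access.
    public static List<Product2> findUnsafe() {
        String sku = ApexPages.currentPage().getParameters().get('sku');
        String soql = 'SELECT Id, Name FROM Product2 '
                    + 'WHERE ProductCode = \'' + sku + '\'';
        return Database.query(soql);
    }

    // AFTER, option 1: static SOQL. The value is bound by the platform
    // and is only ever treated as data, never as query text.
    public static List<Product2> findStatic() {
        String sku = ApexPages.currentPage().getParameters().get('sku');
        if (String.isBlank(sku)) {
            return new List<Product2>();
        }
        return [SELECT Id, Name FROM Product2 WHERE ProductCode = :sku];
    }

    // AFTER, option 2: dynamic SOQL cannot be avoided, so the value is
    // escaped before it is placed between the quotes.
    public static List<Product2> findEscaped() {
        String sku = ApexPages.currentPage().getParameters().get('sku');
        if (String.isBlank(sku)) {
            return new List<Product2>();
        }
        String soql = 'SELECT Id, Name FROM Product2 '
                    + 'WHERE ProductCode = \''
                    + String.escapeSingleQuotes(sku) + '\'';
        return Database.query(soql);
    }
}
```

The same treatment applies to values read from PageReference.getCookies(): read the value, validate it, and pass it to static SOQL or escape it before it reaches Database.query().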

