Untrusted input reaching a sensitive interpreter or sink — SQL, command, template, deserialization, SSRF, XSS, and upstream validation gaps.
The defect mechanism: untrusted input reaches a sensitive sink without neutralization.
In scope. SQL / NoSQL / command / LDAP / XPath / template / deserialization injection, SSRF, reflected / stored / DOM XSS, open redirect, prototype pollution, unsafe eval, XML External Entity, CSV injection, header injection, input-validation gaps on request bodies and query parameters, output-encoding omissions, trust-boundary violations.
Not in scope. Authentication bypass via credential injection — that's access-control (the sink is the auth decision). Stored data that is structurally wrong without a user-input vector — that's data-integrity. Prompt injection specifically targeting LLMs — that's injection-and-input-trust as primary plus inference-contract as secondary (the LLM is the sink).
Distinct because. The defect is that the interpreter executes what the attacker wrote. It is not about who the caller is (access-control) or how the bytes are stored (data-integrity). A pattern about "user input passed to res.redirect() without allowlist" is injection; a pattern about "admin role check missing on route" is access-control.
Conceptual sub-structure. SQL / command / XSS / SSRF / deserialization / validation-gaps. Formal sub-taxon paths are added when individual sub-areas grow unwieldy.
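An added example, not from the original page, of the "user input passed to res.redirect() without allowlist" pattern named above beside the allowlist check it lacks; the host names and function names (ALLOWED_HOSTS, safeRedirectTarget, redirectHardened) are this example's own assumptions:

```javascript
// Added example (not from the original page). Hypothetical deployment:
// only these hosts may be redirect destinations, and relative paths are
// resolved against the application's own origin.
const ALLOWED_HOSTS = new Set(['app.example.com', 'login.example.com']);
const BASE_ORIGIN = 'https://app.example.com';

// Returns the normalised absolute URL to redirect to, or null when the
// candidate must be rejected. Resolving against BASE_ORIGIN makes relative
// paths, absolute URLs and protocol-relative forms all land in one host check.
function safeRedirectTarget(candidate) {
  if (typeof candidate !== 'string' || candidate.length === 0) return null;
  // Browsers treat backslashes as slashes in http(s) URLs, so "/\host" would
  // parse as a different host; reject rather than try to normalise.
  if (candidate.includes('\\')) return null;
  let url;
  try {
    url = new URL(candidate, BASE_ORIGIN);
  } catch {
    return null; // unparseable input is not a valid destination
  }
  // Only https targets and only allowlisted hosts: this rejects javascript:,
  // data:, plain http and any external host, including "//other.example".
  if (url.protocol !== 'https:') return null;
  if (!ALLOWED_HOSTS.has(url.hostname)) return null;
  return url.href;
}

// Before: the pattern the page classifies as injection. The sink is the
// redirect and nothing constrains where it points.
function redirectVulnerable(res, next) {
  res.redirect(next);
}

// After: the same sink, reached only through the allowlist check; anything
// rejected falls back to the application root.
function redirectHardened(res, next) {
  const target = safeRedirectTarget(next);
  res.redirect(target !== null ? target : '/');
}
```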