PL or SQL : Date conversion

The application uses type conversions with one of the datetime types. This may lead to incorrect behavior.

Conversion of types of parameters can be exploited by an attacker. In particular, this vulnerability can serve as an SQL injection and the launch of arbitrary code through stored procedures.

If your stored procedure does not accept input from the web interface, then parameter tampering is not really a threat. However, if business logic is sensitive or the code includes operations with dynamic SQL, then some protection is needed.