Description
While working on a fix for #3516 in #3547, the case of EnumStringType.ObjectToSQLString appeared to be invalid on another level.
nhibernate-core/src/NHibernate/Type/EnumStringType.cs
Lines 192 to 195 in e8028fb
That type stores enum values as strings in the database. But its method for obtaining SQL compatible literal values just yields the enum value name (or string representation of the underlying type value if not named) as is, not as a SQL string literal.
So, using that type for the few features relying on ObjectToSQLString is very likely to fail. (So, using it as a discriminator, or in a query referencing a static field.)
But it does not allow a practical SQL injection since it is limited to inject a single word having .Net identifier naming constraints. So, I will not fix this in #3547 but I open an issue instead.