However I notice that the HP Fortify is not detecting this validation not in place and hence it should not report this as vulnerable. Can somebody let me know if one is required to write a custom datacleanse rule for HP Fortify to detect this?
Thank you Geert Sman for your reply. I wrote the dataflowcleanse rule it worked. TaintedFlag to be used for writing the dataflowclease rule in this case is +VALIDATED_DYNAMIC_CODE_EVALUATION_CODE_INJECTION.