Is Dolibarr protected against SQL injection?

Is Dolibarr 12.0.4 protected against SQL injection attacks?