Qsec-Team

**Name of the Vulnerable Software and Affected Versions** Apache Cocoon versions 2.2.0 through 2.2.x (before 2.3.0) Apache Cocoon versions prior to 2.3.0 **Description** The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. Users are advised to upgrade to a fixed version. **Recommendations** For Apache Cocoon versions 2.2.0 through 2.2.x, upgrade to version 2.3.0. For Apache Cocoon versions prior to 2.3.0, upgrade to version 2.3.0.