Danynab

**Name of the Vulnerable Software and Affected Versions** danynab movify-j (affected versions not specified) **Description** A critical vulnerability was found in danynab movify-j, affecting the function `getByMovieId` of the file `app/business/impl/ReviewServiceImpl.java`. The manipulation of the argument `movieId/username` leads to SQL injection. **Recommendations** To fix this issue, it is recommended to apply a patch with the name `c3085e01936a4d7eff1eda3093f25d56cc4d2ec5`. As a temporary workaround, consider disabling the `getByMovieId` function until a patch is available. Restrict access to the `ReviewServiceImpl.java` file to minimize the risk of exploitation. Avoid using the argument `movieId/username` in the affected function until the issue is resolved.