Jojo · Jojo · CVE-2013-3081
**Name of the Vulnerable Software and Affected Versions**
Jojo versions prior to 1.2.2
**Description**
A SQL injection vulnerability in the `checkEmailFormat` function allows remote attackers to execute arbitrary SQL commands. It can be triggered via the `X-Forwarded-For` HTTP header in a request to the `/articles/test/` API endpoint.
**Recommendations**
For versions prior to 1.2.2, update to version 1.2.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the `/articles/test/` API endpoint until the update is applied. Additionally, restricting the use of the `checkEmailFormat` function can help minimize the risk of exploitation.
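The class of flaw described above, shown as an added example that is not Jojo's code: a request header concatenated into a SQL statement, next to a form that validates `X-Forwarded-For` as a literal IP address and binds it as a parameter. The `visits` table, the function names and the sample header value are constructed for illustration.

```python
import ipaddress
import sqlite3

# Constructed sample header: a quote followed by SQL text instead of an IP address.
MALFORMED_XFF = "10.0.0.1', '/forged') --"

def new_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE visits (ip TEXT, path TEXT)")  # hypothetical table
    return db

def client_ip(xff, fallback="0.0.0.0"):
    """Return the first X-Forwarded-For entry only if it is a literal IP address."""
    first = (xff or "").split(",")[0].strip()
    try:
        return str(ipaddress.ip_address(first))
    except ValueError:
        return fallback  # anything that is not an IP address is discarded

def record_unsafe(db, xff, path):
    # Vulnerable pattern: header text becomes part of the SQL statement itself.
    db.execute(f"INSERT INTO visits (ip, path) VALUES ('{xff}', '{path}')")

def record_safe(db, xff, path):
    # Hardened pattern: validate the header, then bind both values as parameters.
    db.execute("INSERT INTO visits (ip, path) VALUES (?, ?)", (client_ip(xff), path))

def rows(db):
    return db.execute("SELECT ip, path FROM visits").fetchall()

if __name__ == "__main__":
    for record in (record_unsafe, record_safe):
        db = new_db()
        record(db, MALFORMED_XFF, "/articles/test/")
        print(record.__name__, rows(db))
```

In the unsafe form the header rewrites the stored `path` column; in the safe form the header is rejected as a non-IP value and the row keeps the real request path. `X-Forwarded-For` is supplied by the client unless a trusted proxy overwrites it, so it needs the same handling as any other request input.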