Apache · Apache Cocoon · CVE-2022-45135
**Name of the Vulnerable Software and Affected Versions**
Apache Cocoon versions 2.2.0 through 2.2.x (before 2.3.0)
Apache Cocoon versions prior to 2.3.0
**Description**
The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. Users are advised to upgrade to a fixed version.
**Recommendations**
For Apache Cocoon versions 2.2.0 through 2.2.x, upgrade to version 2.3.0.
For Apache Cocoon versions prior to 2.3.0, upgrade to version 2.3.0.