PT-2022-24886 · Ree6 · Ree6

Dxssucuk · Published 2022-10-13 · Updated 2022-10-17 · CVE-2022-39303

CVSS v3.1: 8.1 (High)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Ree6 versions prior to 1.7.0

Description

This issue allows manipulation of SQL queries. The estimated number of potentially affected devices is not provided. There are no reported real-world incidents where this issue was exploited. The issue is an SQL injection risk, which is mitigated by using Java's PreparedStatements.

Recommendations

Update versions prior to 1.7.0 to version 1.7.0. That version resolves the issue by using Java's PreparedStatements, which allow values to be set as parameters without the risk of SQL injection.

Exploit

Fix

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2022-39303
GHSA-69XV-XJFW-4PV8

Affected Products

Ree6