From 619d178b2b02f420e1aa493684d4377e328d93f4 Mon Sep 17 00:00:00 2001
From: Mobb autofixer <git@mobb.ai>
Date: Wed, 2 Apr 2025 08:28:29 +0000
Subject: [PATCH] mobb fix commit: 6a0c8779-d991-4c10-b42d-70261d8792b8

---
 .../webgoat/lessons/challenges/challenge5/Assignment5.java   | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/main/java/org/owasp/webgoat/lessons/challenges/challenge5/Assignment5.java b/src/main/java/org/owasp/webgoat/lessons/challenges/challenge5/Assignment5.java
index c8b3f3d10e..d9eb649281 100644
--- a/src/main/java/org/owasp/webgoat/lessons/challenges/challenge5/Assignment5.java
+++ b/src/main/java/org/owasp/webgoat/lessons/challenges/challenge5/Assignment5.java
@@ -59,9 +59,8 @@ public AttackResult login(
           connection.prepareStatement(
               "select password from challenge_users where userid = '"
                   + username_login
-                  + "' and password = '"
-                  + password_login
-                  + "'");
+                  + "' and password = ?");
+      statement.setString(1, password_login);
       ResultSet resultSet = statement.executeQuery();
 
       if (resultSet.next()) {