Please solve my problem
Below code is giving Vulnerability issue Path transversal vulnerability.

Method fetchuserModule at line 809 of
GenerationEJBBean.java gets dynamic data from the getString element. This element’s value
then flows through the code and is eventually used in a file path for local disk access in
invokeWebService at line 330 of

GenerationEJBBean.java. This may cause a Path Traversal vulnerability.

---


private String fetchuserModule( Connection conn) throws Exception {
dbg("Inside gettting fetchuserModule module ");
String paramVal = null;
PreparedStatement pstmt = null;
try {
pstmt = conn.prepareStatement("select DFLT_MODULE from smtb_user where user_id = 'SYSTEM' ");
//pstmt.setString(1, "JCIC_ENABLED");
ResultSet rs = pstmt.executeQuery();
while (rs.next())
paramVal = rs.getString("DFLT_MODULE");
dbg("Returing from fetchuserModule param value is " );
return paramVal;
} catch (Exception e) {
dbg("Exception occured while fetchuserModule " + e);
throw e;
}
}