CQL injection, encode CQL strings, use percent encoding

Description

To avoid CQL injection, edge-sip2 needs to properly encode strings:

CSP Request Details

1. Describe issue impact on business
Special characters like " \ / ^ * _ are not correctly handled, resulting in CQL and SQL injection. This may cause data loss or give illegal database access (read and write).

2. What institutions are affected? (field “Affected Institutions” in Jira to be populated)
Attackers don't publish which institutions they will attack.

3. What is the workaround if exists?
None.

4. What areas will be impacted by fix (i.e. what areas need to be retested)
SIP2

5. Brief explanation of technical implementation and the level of effort (in workdays) and technical risk (low/medium/high)
Use proper quoting and encoding. One workday. Low risk because standard quoting and encoding techniques are used.

6. Brief explanation of testing required and level of effort (in workdays). Provide test plan agreed with by QA Manager and PO.
Testing edge-sip2. One workday.

7. What is the roll back plan in case the fix does not work?
Use previous version.
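An added example (not edge-sip2 code) of the quoting and encoding the fix calls for: a caller-supplied value is turned into a single CQL string literal with the listed special characters backslash-escaped, and the finished query is percent-encoded for the URL. The `barcode` index, the extra `?` mask character and the assumption that the backend treats a backslash as the escape for every listed character are this example's own; a small scanner counts unescaped quotes so the two patterns can be compared.

```python
"""Added example: quoting a caller-supplied value for a FOLIO-style CQL
query, then percent-encoding the query for a URL. Not edge-sip2 code."""
from urllib.parse import quote

# Characters escaped inside a CQL double-quoted string. The issue lists
# " \ / ^ * _ as mishandled; '?' is added because it is also a CQL mask
# character (assumption: the backend reads backslash as the escape for
# any of these).
CQL_SPECIAL = '\\"*?^/_'


def cql_quote(value: str) -> str:
    """Return value as one CQL string literal with specials escaped."""
    escaped = "".join("\\" + ch if ch in CQL_SPECIAL else ch for ch in value)
    return f'"{escaped}"'


def naive_query(barcode: str) -> str:
    """Vulnerable pattern: raw interpolation (kept only for contrast)."""
    return f'barcode=="{barcode}"'


def safe_query(barcode: str) -> str:
    """Hardened pattern: the value is always exactly one quoted literal."""
    return "barcode==" + cql_quote(barcode)


def encode_query(cql: str) -> str:
    """Percent-encode the finished CQL so it can sit in a URL query string."""
    return quote(cql, safe="")


def unescaped_quote_count(cql: str) -> int:
    """Count double quotes not preceded by a backslash; a query built from
    one literal value should contain exactly two."""
    count, escaped = 0, False
    for ch in cql:
        if escaped:
            escaped = False
        elif ch == "\\":
            escaped = True
        elif ch == '"':
            count += 1
    return count


if __name__ == "__main__":
    # Constructed sample: a "barcode" that tries to close the literal.
    hostile = 'x" or barcode=="*'
    print(naive_query(hostile))   # barcode=="x" or barcode=="*"
    print(safe_query(hostile))    # barcode=="x\" or barcode==\"\*"
    print(encode_query(safe_query(hostile)))
```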

CSP Rejection Details

None

Potential Workaround

None

Checklist


Activity


Oleksii Petrenko February 27, 2025 at 4:07 PM

Deployed

Craig McNally February 6, 2025 at 4:16 PM

, we still need to request approval for this to make it into QCSP10, and Ramsons CSP1. Can you please do so? Thanks!

Done

Details

Assignee

Reporter

Priority

Development Team

Volaris

Fix versions

Release

Quesnelia (R1 2024) Service Patch #10

RCA Group

Institution specific (Data)

CSP Approved

Yes

Affected Institution

GBV

Created January 29, 2025 at 1:40 PM
Updated March 5, 2025 at 4:31 PM
Resolved February 10, 2025 at 9:40 AM