[org.odata4j:odata4j-dist] SQL Injection in odata4j

odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. NOTE, this product is apparently discontinued.

References

• https://nvd.nist.gov/vuln/detail/CVE-2016-11023
• https://groups.google.com/d/msg/odata4j-discuss/_lBwwXP30g0/Av6zkZMdBwAJ
• https://github.com/advisories/GHSA-2382-qx5h-rvqh